Microsoft hat sein neues Tool „Advanced Threat Analytics“ (ATA) freigegeben. Grund genug das neue Werkzeug mal zu auszuprobieren. ATA kann hier in einer 90 Tage Demo runtergeladen werden:
https://technet.microsoft.com/de-de/evalcenter/mt228154
By the way, there is also a key in the MSDN subscription:
I am testing the whole thing in my Hyper-V playground. The ATA VM requires 2 network cards, and the network traffic of the domain controller must also be mirrored to the ATA VM:
ATA VM:
Domain Controller:
But now to the installation:
I use self-signed certificates for testing:
After restarting the server, the installation continues.
Nach dem Klick auf „Starten“ öffnet sich der Internet Explorer:
Here you can log in with the Domain Administrator and then start the configuration:
Once the user and password have been entered, the ATA Gateway setup can be downloaded and installed. I installed the ATA Gateway on the same server for testing purposes:
After a short time, a few objects should have been recognized:
Test it now 
