Blog Post

Microsoft Defender for Endpoint Blog
2 MIN READ

Microsoft Defender ATP EDR support for Windows Server 2008 R2 now generally available

HeikeRitter's avatar
HeikeRitter
Icon for Microsoft rankMicrosoft
Sep 26, 2019

We’re announcing the general availability of Microsoft Defender ATP’s endpoint detection & response (EDR) capability for Windows Server 2008 R2, enabling customers to gain greater security coverage and protection for their infrastructure.

 

To help customers stay secure while modernizing their infrastructure we’ve extended Microsoft Defender ATP’s EDR capabilities to also support Windows Server 2008 R2. This enhancement delivers a simple to deploy, and frictionless solution that equips security teams with robust behavioral-based threat detection, investigation, and response capabilities.

 

Providing deep visibility on activities happening on server endpoints, Microsoft Defender ATP for Windows Server 2008 R2 gives security teams rich, correlated insights into activities and threats including details on suspicious processes, files, network registry, and memory activities.

 

Machine page showing an in-memory detection on a Windows Server 2008 R2 machine

 

Additionality to providing EDR capabilities for Windows Server 2008 R2, we’re integrating with Azure Security Center for this server platform as well, enabling customer using Azure Security Center to harness the power of Microsoft Defender ATP and augment threat detection across their deployed server platforms.

 

Customers using Azure Security Center gain access to Microsoft Defender ATP’s threat detection capabilities to identify malicious behaviors, attacker techniques and tools, understand these threats and be able to quickly respond.

 

To help you get started, Microsoft Defender ATP is automatically enabled for Windows VMs/Servers hosted in Azure or other environments (other clouds or on-premises) that are onboarded to the Azure Security Center. To learn more about the Azure Security Center and Microsoft Defender ATP built-in offering check out our documentation.

 

For more information check out our documentation.

 

Thank you

The Microsoft Defender ATP team

Updated Sep 28, 2020
Version 3.0
  • Jim_Mueller's avatar
    Jim_Mueller
    Copper Contributor

    The documentation link at the bottom of the article doesn't mention 2008R2. Was 2008R2 support later removed, or is the other link incorrect?

  • Gurdev Singh's avatar
    Gurdev Singh
    Iron Contributor

    Does EDR support only include detection or does it also include response for Windows Server 2012? Given Defender AV is not supported on Server 2012, and MMA agent is used for reporting only i.e. MMA agent has no ability to respond to threats on the server. All it can do is report server status in Security Center.

  • Ryan Pertusio's avatar
    Ryan Pertusio
    Brass Contributor

    Happy to see 2008 R2 for those who need it!

    But, as of this comment, you still don't support Windows Server 2012.  (But, you support 2008 R2 SP1, and 2012 R2 which book-end it?)