Windows Defender Advanced Threat Protection (Windows Defender ATP) is a unified security platform that covers endpoint protection platform (EPP) and endpoint detection and response (EDR). Initially w...
Updated Jun 09, 2021
Version 6.0
Blog Post
Hello @all,
the newest way to support Windows Server with MS Defender for Endpoint Antivirus policies is to bring your servers into Intune (Microsoft Endpoint Manager admin center --> https://endpoint.microsoft.com).
That is possible with a new preview feature which is visible into the Microsoft 365 Defender portal (https://security.microsoft.com) under Settings --> Endpoints --> Configuration management --> Enforcement scope.
From there you can switch on your OS platform which you want enroll to Microsoft Endpoint Manger (Intune).
If you donĀ“t see that feature you have to turn on the preview feature under Settings --> Endpoints --> Advanced features --> (scroll down and turn on) Preview features.
That means, as soon as you have onboarded your Windows Server to the Microsoft 365 Defender portal and mark it with an special tag like "MDE-Management" it will appear after about 30 to 60min into Intune and you can manage your Server from there with Defender for Endpoint policies.
I guess you need for that at least a Intune license on your user and one of the MS Defender for Endpoint Plans or licenses which includes an MS Defender for Endpoint Plan. (not tested if MS Defender for Endpoint Plan 1 is enough for this). I have tested the onboarding to Intune via MS Defender portal and the new preview feature with Windows Server 2016 and 2019.