Forum Discussion
Defender for Identity for unmanged DMZ Domain?
Hello, I am seeing information on the support of Defender for Identity for forests, but am wondering if Defender for Identity is supported in a separate/disconnected DMZ domain? My org has our main d...
Yes you can. The sensor just calls back to the cloud and there's no need for any connection between forests. There is a risk which I identified in one of my blog posts though:
https://thalpius.com/2023/01/16/microsoft-defender-for-identity-lateral-movement-from-forest-to-forest-without-a-forest-trust/
https://thalpius.com/2023/01/16/microsoft-defender-for-identity-lateral-movement-from-forest-to-forest-without-a-forest-trust/