Assign Microsoft Defender for Endpoint Server
Hello,
Server licenses for MDE do not require manual assignment to individual servers. When you purchase the appropriate number of licenses corresponding to your number of servers, licensing is considered compliant. However, it is very important to ensure that the number of licenses matches the number of servers you plan to protect.
Best Regards,
Ali Koc
Thanks. How about the configurations? Is there a specific way to configure the endpoint for servers?
- Alikoc, Nov 12, 2024, MCT
Yes,
You can make standard MDE configurations. In addition, you can configure it by taking into account the steps I have given below.
Endpoint Security Policies:
- Ensure that endpoint security policies are defined and enforced. This could include antivirus, anti-malware, intrusion detection/prevention systems (IDS/IPS), and firewall rules.
- For Windows Servers, Endpoint Protection configurations can be managed through Microsoft Defender for Endpoint.
Network Access Control:
- Restrict access to the server endpoints using Network Access Control (NAC) or security groups.
- Use firewalls or other security appliances to limit network exposure by allowing access only from authorized IP ranges or VPN connections.
SSL/TLS Configuration:
- If your server endpoint is exposed to the internet or used for secure internal communications, configure SSL/TLS certificates to encrypt traffic.
- Use only strong cipher suites and protocols, disabling outdated or weak ones (e.g., SSL, older versions of TLS).
Authentication and Authorization:
- Configure endpoint authentication, such as using Active Directory, to control who can access the server.
- Implement role-based access control (RBAC) to restrict access based on user roles and privileges.
Patch Management:
- Keep the server OS, endpoint protection software, and all other installed software up-to-date with the latest security patches and updates.
Endpoint Monitoring and Logging:
- Enable detailed logging on your servers to monitor access and activities.
- Use tools like Windows Event Viewer, Sysmon, or centralized logging solutions to analyze and detect potential threats or unauthorized access.
Data Protection:
- Configure data encryption on disks and storage, especially if the server stores sensitive information.
- Use tools like BitLocker for disk encryption on Windows Servers.
Endpoint Backup and Recovery:
- Set up automated backups for critical data, and test the restore process regularly.
- For disaster recovery, consider implementing redundant systems and maintaining offline or offsite backups.
Endpoint Hardening:
- Disable unnecessary services, protocols, and open ports.
- Use security baselines provided by platforms like Microsoft’s Security Compliance Toolkit for Windows Server environments.
Please mark it as an answer if it is useful.
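
The following read-only audit script is an added example, not part of the original reply or of Microsoft's documentation. It spot-checks several items from the checklist above (Defender status, firewall profiles, legacy SSL/TLS protocols, BitLocker) on one Windows Server. The 3-day signature-age threshold and the choice of checks are assumptions made for illustration.

```powershell
# Added example: read-only audit of several checklist items on a Windows Server.
# Run in an elevated PowerShell session. Nothing here changes configuration.
$findings = [System.Collections.Generic.List[object]]::new()
function Add-Finding([string]$Area, [string]$Check, [bool]$Ok, [string]$Detail) {
    $findings.Add([pscustomobject]@{ Area = $Area; Check = $Check; Ok = $Ok; Detail = $Detail })
}

# Endpoint security: Defender Antivirus state and the MDE sensor service (Sense).
$mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
if ($mp) {
    Add-Finding 'Endpoint Security' 'Real-time protection' $mp.RealTimeProtectionEnabled "AMRunningMode=$($mp.AMRunningMode)"
    # Assumed threshold: signatures older than 3 days are flagged.
    Add-Finding 'Patch Management' 'AV signatures < 3 days old' ($mp.AntivirusSignatureAge -lt 3) "Age=$($mp.AntivirusSignatureAge)d"
} else {
    Add-Finding 'Endpoint Security' 'Defender Antivirus present' $false 'Get-MpComputerStatus returned nothing'
}
$sense = Get-Service -Name Sense -ErrorAction SilentlyContinue
Add-Finding 'Endpoint Security' 'MDE sensor (Sense) running' ($sense.Status -eq 'Running') "Status=$($sense.Status)"

# Network exposure: every Windows Firewall profile should be enabled.
foreach ($p in Get-NetFirewallProfile) {
    Add-Finding 'Network Access Control' "Firewall profile $($p.Name)" ($p.Enabled -eq 'True') "DefaultInbound=$($p.DefaultInboundAction)"
}

# SSL/TLS: legacy protocols should be explicitly disabled for the server role.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
foreach ($proto in 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1') {
    $key = Get-ItemProperty -Path "$base\$proto\Server" -ErrorAction SilentlyContinue
    # Only Enabled = 0 counts as disabled; a missing key means the OS default applies.
    $disabled = ($null -ne $key) -and ($key.Enabled -eq 0)
    $detail = if ($null -eq $key) { 'no registry override (OS default)' } else { "Enabled=$($key.Enabled)" }
    Add-Finding 'SSL/TLS' "$proto server side explicitly disabled" $disabled $detail
}

# Data protection: BitLocker is an optional feature on Windows Server.
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    foreach ($v in Get-BitLockerVolume) {
        Add-Finding 'Data Protection' "BitLocker on $($v.MountPoint)" ($v.ProtectionStatus -eq 'On') "VolumeStatus=$($v.VolumeStatus)"
    }
} else {
    Add-Finding 'Data Protection' 'BitLocker feature installed' $false 'Get-BitLockerVolume not available'
}

# Failed checks sort first.
$findings | Sort-Object Ok, Area | Format-Table -AutoSize
```

A protocol reported as "no registry override" follows the default of that Windows Server version, so check it against the baseline you apply rather than treating it as a failure outright.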