Forum Discussion

jcescut's avatar
jcescut
Brass Contributor
Mar 24, 2021
Solved

Create MDE tenant having only Azure Defender for Servers licenses

Hi,

 

somehow I'm not able to figure out how to create a MDE tenant if having only Azure Defender for Servers license which includes the license for MDE for Servers.

When I browse to URL https://securitycenter.windows.com/, I get the "No subscription found" page.

I'm logged in Azure Security Center (https://portal.azure.com/#blade/Microsoft_Azure_Security/SecurityMenuBlade/0) as a user who has Global Administrator role assigned.

What is the correct procedure to provision the MDE tenant in such case?

 

Kind regards,

Jan

 

  • Balaji_R's avatar
    Balaji_R
    Mar 26, 2021

    jcescut 

    Hi Jan,

    As per the article, "When you use Azure Security Center to monitor your servers, a Microsoft Defender for Endpoint tenant is automatically created"

     

    Please update if you have referred the section "Enabling the Microsoft Defender for Endpoint integration" in the article https://docs.microsoft.com/en-us/azure/security-center/security-center-wdatp

     

3 Replies

  • Balaji_R's avatar
    Balaji_R
    Copper Contributor
    Mar 25, 2021

    jcescut 

    Hi Jan,

    We need to enable MCAS/MDATP integration in Azure Security Center via API. 

    Please follow the steps in the article: - https://docs.microsoft.com/en-us/rest/api/securitycenter/settings/update

    https://docs.microsoft.com/en-us/azure/templates/microsoft.security/2019-01-01/settings?tabs=json

     

    May be Azure Security Center community can provide clarity/confirmation. 

     

    Thanks,

    Balaji R

    • jcescut's avatar
      jcescut
      Brass Contributor
      Mar 25, 2021

      Balaji_R: I'm not sure if this is the same issue that I'm having. In my case I don't even have an active Defender for Endpoint tenant. And cannot simply create one as there are no "user-based" MDE licenses available - this particular Azure tenant is a pure IaaS environment containing just some Windows Server VMs and an active Azure Defender for Servers subscription (which includes a license for MDE for Servers).

       

      Should I request a MDE trial subscription, assign the MDE license to one of the users in Azure AD (the admin user which is used for administration tasks) and then create the MDE tenant?

       

      • Balaji_R's avatar
        Balaji_R
        Copper Contributor
        Mar 26, 2021

        jcescut 

        Hi Jan,

        As per the article, "When you use Azure Security Center to monitor your servers, a Microsoft Defender for Endpoint tenant is automatically created"

         

        Please update if you have referred the section "Enabling the Microsoft Defender for Endpoint integration" in the article https://docs.microsoft.com/en-us/azure/security-center/security-center-wdatp

         

Resources