Forum Discussion
seth
Oct 02, 2022Iron Contributor
Defender for Endpoint Server standalone license
As of September 1, Microsoft has removed the Defender for Endpoint on Servers P1 and P2 licenses, forcing on-premises customers to use Azure ARC / Defender for Cloud! Onboarding to Azure ARC is no...
seth
Oct 14, 2022Iron Contributor
That's nice that you speak for your EA Bubble. But it is no longer available in Direct and CSP for new customers / renew subscriptions. Not everyone wants or can sign an EA. Even more stupid was the idea to make it different in the contracts.
JonRuiz
Microsoft
Oct 24, 2022HI Seth,
Is this for your personal use or for a small to medium business? What are your reasons that you feel having an enterprise agreement is prohibitive? If you are Microsoft partner you can obtain solutions via the partner program. Otherwise, an EA can be economical even for the smallest customers. I recommend speaking to your reseller.
Here is the link to the descriptions of the available server plans:
Overview of Microsoft Defender for Servers | Microsoft Learn
Note that Plan 1 for Servers actually includes MDE P2 and it is about $4.91 for 730 hours per month (ie. 100% usage). Plan 2 for servers offers a treasure trove of additional capabilities that you can read about in the link above - it's retail is $14.60 for 730 hours per month.
- sethOct 25, 2022Iron Contributor“Onboarding to Azure ARC is not always possible, another agent is required and it requires a huge effort for the management of the subscription, security and assets.”
There are customers where on-premises infrastructure is strictly separated from Azure. Azure is also often operated by other administrators or partners than the on prem systems. So it expands access to the on prem systems just because you want to use an edr. This is compliance and security issue. Maybe not every on oprem customer wants to mess around with the complexity in azure and possibly implement an insecure solution! This applies to customers of all sizes…- JonRuizOct 25, 2022
Microsoft
My understanding is you ONLY need Azure Arc for the capabilities outside of MDE P2 that are described in the Servers Plan 2. AFAIK - you can use all the same deployment methods for MDE P2 vs if you bought it standalone (e.g. Endpoint Manager etc). I'll verify that with my Technical Specialist - but I am 99% sure.
That said, I have been told that Azure Arc is much simpler to deploy and manage then you have described. I have colleagues with many, many large customers who are successfully leveraging ARC for on-premise devices. I would expect there are some hw \ sw requirements to achieve the scalable deployment. For me so far, a popular case for on-premise use of the Server P2 license is file integrity monitoring on servers that have a regulatory requirement for FIM such as PCI.- sethOct 25, 2022Iron ContributorJonRuiz
I think you don't want to understand or hear that ARC / Azure Integration for on-prem is not an option for many customers and partners for a variety of reasons.
How am I supposed to pay for the licenses without ARC or Defender for Cloud onboarding? With the standalone license I run a onboarding script and have nothing to do with Azure!
Maybe a few voices outside of your bubble:
https://twitter.com/NathanMcNulty/status/1575303162306908161?s=20&t=81wWY1zOG7XvlP9M8ODk5Q
https://twitter.com/NathanMcNulty/status/1578586601869168640?s=20&t=81wWY1zOG7XvlP9M8ODk5Q
https://twitter.com/SamErde/status/1584915246069809152?s=20&t=81wWY1zOG7XvlP9M8ODk5Q