Mandara_BM
Copper Contributor
Oct 22, 2024

How to manage security policies on servers onboarded to Microsoft Defender for Endpoint using Azure

I am relatively new to the Microsoft Defender 365 suite and I want to manage security configurations (specifically AV policies) on some of the on-prem servers and workstations that are onboarded with Azure Arc and Configuration Manager. After onboarding the endpoints, I am able to see the endpoints coming up in the Defender console (security.microsoft.com) but unable to manage/view the device security policies. Can anyone suggest how to manage security policies on servers onboarded to Microsoft Defender for Endpoint using Azure Arc and Configuration Manager?

I can see the below message when I click on the security policy of a device onboarded using Azure Arc:

"This device isn't managed

We can not show the device's applied security policies since it is not managed by a known authority."

2 Replies

  • rahuljindal
    Bronze Contributor
    There are multiple ways of approaching this. If you onboarded the devices using Configuration Manager, then you can manage the Defender policies using Configuration Manager itself. Also, if it is just the AV component that you need to manage, you don't really need Defender for Endpoint for it, although it is recommended in the absence of a 3rd party XDR solution. You also have the option to co-manage endpoints and cloud-attach servers to apply the policies using Intune. Alternatively, you can use the security configuration management feature within Defender, enable the connector with Intune, and apply the policies using Intune. Look me up if you need any more assistance.
  • Mandara_BM Hi, are the devices Hybrid Azure AD Joined? Azure AD Joined?

    Have you already enabled co-management between Configuration Manager (SCCM) and Intune?