Forum Discussion
JiPeg74
Jun 19, 2023, Copper Contributor
Microsoft Defender for Servers
Hello, what is the best practice to enroll on-premises servers? I seem to get confusing information. Do we really need Azure Arc? The idea is to use Intune, and I can use AD Connect to enroll them ...
Spark Zhang
Jun 19, 2023, Brass Contributor
No, you don't need Azure Arc, unless you would like to use Defender for Cloud for servers.
Please note that Defender for Endpoint for servers and Defender for Cloud for servers are two different products.
Defender for Endpoint for servers (for antivirus, EDR etc.) doesn't need an Azure Arc server.
If you are using Active Directory for managing your on-premises servers, then the easiest way to onboard them is by using Group Policy.
You can find the detailed steps on how to onboard with Group Policy at https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-worldwide.
JiPeg74
Jun 20, 2023, Copper Contributor
Thanks for this clarification with Azure Arc...
What about if I need to manage the security controls with Intune? Will the servers appear immediately in Intune? I am talking about using the new feature: Zero touch. And if they automatically appear in Intune, do the control policies have the same limitations as for Windows 10 and 11 workstations?
- Jun 20, 2023
JiPeg74, if your servers are onboarded in MDE and you turn on the below feature, you will see your servers appearing in Intune, and you can enforce security settings from Intune on your servers.
- JiPeg74, Jun 20, 2023, Copper Contributor
I tried that on 2 machines with no success. I waited for 2 days, still no success 😞
Now I noticed that I have a "DNS Error" and "N/A" under Device management, MDE Enrollment status. All prerequisites seem good:
- Windows Server 2022 21H2
- latest Windows updates
Any idea how I can troubleshoot this?
Many thanks
- Jun 20, 2023
Please refer to the below link for your DNS error:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/troubleshoot-security-config-mgt?view=o365-worldwide#general-troubleshooting
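A read-only PowerShell health check for the symptoms described above (MDE onboarded, but the Intune enrollment status shows "DNS Error" / "N/A"). This is an added example, not code from the thread or from Microsoft's documentation; the registry path, service name and `dsregcmd` fields are the standard MDE onboarding markers, while the hostname list is an assumption that should be replaced with the authoritative list from the linked troubleshooting page.

```powershell
# Added example: run on the affected server as an administrator. Read-only; changes nothing.
$results = [ordered]@{}

# 1. Is the MDE sensor (the "Sense" service) installed and running?
$sense = Get-Service -Name Sense -ErrorAction SilentlyContinue
$results['SenseService'] = if ($sense) { $sense.Status } else { 'NotInstalled' }

# 2. Has the server completed MDE onboarding? OnboardingState 1 = onboarded.
$statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
$state = (Get-ItemProperty -Path $statusKey -ErrorAction SilentlyContinue).OnboardingState
$results['OnboardingState'] = if ($null -eq $state) { 'KeyMissing' } else { $state }

# 3. Can the server resolve the endpoints that security settings management relies on?
#    ASSUMPTION: adjust this list to the one given in the linked troubleshooting article.
$endpoints = @(
    'enterpriseregistration.windows.net',
    'login.microsoftonline.com',
    'enrollment.manage.microsoft.com'
)
foreach ($h in $endpoints) {
    try {
        $null = Resolve-DnsName -Name $h -ErrorAction Stop
        $results["DNS:$h"] = 'OK'
    } catch {
        $results["DNS:$h"] = "FAILED ($($_.Exception.Message))"
    }
}

# 4. Join state, since Intune's synthetic registration needs a domain/Entra-joined device.
function Get-DsregValue($lines, $name) {
    $m = $lines | Select-String -Pattern "$name\s*:\s*(\w+)" | Select-Object -First 1
    if ($m) { $m.Matches[0].Groups[1].Value } else { 'Unknown' }
}
$dsreg = dsregcmd /status
$results['DomainJoined']  = Get-DsregValue $dsreg 'DomainJoined'
$results['AzureAdJoined'] = Get-DsregValue $dsreg 'AzureAdJoined'

# Print a compact report; any FAILED DNS line points at the resolver/proxy path to fix first.
$results.GetEnumerator() | ForEach-Object { '{0,-45} {1}' -f $_.Key, $_.Value }
```

A "FAILED" DNS line with a working Sense service and OnboardingState 1 matches the thread's situation: the EDR sensor is fine, but the enrollment path that surfaces the server in Intune cannot resolve its endpoints.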
- Spark Zhang, Jun 20, 2023, Brass Contributor
According to my understanding, Intune is a management tool for managing Windows clients.
We use Group Policy to manage Defender policy for our AD servers.
If you would like to extend Azure's management capabilities to your on-premises environment, then you will need Azure Arc.