Forum Discussion
SecEngLayer2
Feb 21, 2022
Copper Contributor
Microsoft Defender On-Premise (No Internet connectivity)
Hello, is there a way to manage/configure/administer MS Defender clients in an On-Premise environment with no connection to Azure cloud management portals please? Many Thanks, Graeme
- Feb 27, 2022: Yes, it is possible to manage it using Microsoft Endpoint Configuration Manager and you may manage it on-premise. It is possible to manage it using Group Policy and PowerShell but you have some challenges. Offline definition updating is possible but you have to download the definition updates every day and then deploy them or add them to share files. Take a look at:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-mde-post-migration-configuration-manager
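
The offline definition workflow mentioned in the answer above, as an added PowerShell example that is not part of the original thread. The share path `\\fileserver\defender-updates`, the `x64` subfolder layout, the two-day freshness threshold and all three function names are assumptions made for illustration; the Defender cmdlets and `Get-AuthenticodeSignature` are the standard Windows ones.

```powershell
# Added example. Placeholders: the UNC path below and an mpam-fe.exe definition
# package that was downloaded on a connected machine and carried across.
$Share = '\\fileserver\defender-updates'   # placeholder UNC path

function Publish-DefinitionPackage {
    # Staging host: verify the Authenticode signature before publishing, so a
    # package altered in transit never reaches the clients.
    # Assumes the share holds per-architecture subfolders (x64, x86).
    param(
        [Parameter(Mandatory)][string]$PackagePath,
        [string]$Destination = (Join-Path $Share 'x64')
    )
    $sig = Get-AuthenticodeSignature -FilePath $PackagePath
    if ($sig.Status -ne 'Valid' -or
        $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
        throw "Refusing to publish ${PackagePath}: signature status $($sig.Status)"
    }
    Copy-Item -Path $PackagePath -Destination (Join-Path $Destination 'mpam-fe.exe') -Force
}

function Set-OfflineDefinitionSource {
    # Client (elevated): make the file share the only update source, so the
    # client does not fall back to internet sources it cannot reach.
    Set-MpPreference -SignatureDefinitionUpdateFileSharesSources $Share
    Set-MpPreference -SignatureFallbackOrder 'FileShares'
    Update-MpSignature -UpdateSource FileShares
}

function Test-DefinitionFreshness {
    # Client: report definition age so stale machines show up in an inventory
    # run when nobody has refreshed the share.
    param([int]$MaxAgeDays = 2)   # assumed threshold
    $s = Get-MpComputerStatus
    [pscustomobject]@{
        Computer   = $env:COMPUTERNAME
        Version    = $s.AntivirusSignatureVersion
        LastUpdate = $s.AntivirusSignatureLastUpdated
        AgeDays    = $s.AntivirusSignatureAge
        Stale      = $s.AntivirusSignatureAge -gt $MaxAgeDays
    }
}
```

The same two preference values can be set through Group Policy instead of `Set-MpPreference`; the freshness check is what tells you the daily manual refresh was missed.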
BenR87
Copper Contributor
Thanks for pointing me to the resources, Reza! What I'm actually missing is the practical implementation for this hybrid (PowerShell + cloud) solution. It almost seems that Microsoft doesn't support this and we actually need to patch things together to make this 'work'.
Reza_Ameri
Mar 04, 2022
Silver Contributor
Yes, there is no supported PowerShell + Cloud and you have to design and implement your own scenario. The hybrid scenario recommended by Microsoft is Intune+ConfigMgr, and Microsoft has also simplified the licensing requirements and is working on simplifying the hybrid model in such a case.