Forum Discussion
Migrating workstations and servers to Defender
My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?
We have already begun onboarding our laptops, vdis and workstations and are looking to onboard a couple fileservers too.
Our devices are not currently managed via Intune, so it's a case of setting up the policies in the security portal which hasn't been too bad so far..
However, I wanted to know-
-do we need seperate licences for the file servers?
-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.
Thanks!
Tej
- ambarishrhIron Contributor
Tryatt Congratulations on the move! 🙂
My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?
Have a look at my series on Defender here for more info: Microsoft Defender ATP Training Series Part 1: On boarding and basic policies (new endpoint portal) - YouTube
-do we need seperate licences for the file servers?
The best option for servers would be to purchase the standalone License for Servers for 15 USD/ per server and Install agent Microsoft Monitoring Agent (MMA) connect the Azure security center Onboard Windows servers to the Microsoft Defender for Endpoint service | Microsoft Docs
-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.You could use GPO to setup policies: Configure Microsoft Defender Antivirus with Group Policy | Microsoft Docs
Hope this helps!