Forum Discussion
Migrating workstations and servers to Defender
My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?
We have already begun onboarding our laptops, vdis and workstations and are looking to onboard a couple fileservers too.
Our devices are not currently managed via Intune, so it's a case of setting up the policies in the security portal which hasn't been too bad so far..
However, I wanted to know-
-do we need seperate licences for the file servers?
-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.
Thanks!
Tej
1 Reply
Tryatt Congratulations on the move! 🙂
My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?
Have a look at my series on Defender here for more info: https://www.youtube.com/watch?v=aHhjQKtbS98&list=PL7QZvnh1gmjojV24Ut4nRzPjaEtaEWhv2
-do we need seperate licences for the file servers?
The best option for servers would be to purchase the standalone License for Servers for 15 USD/ per server and Install agent Microsoft Monitoring Agent (MMA) connect the Azure security center https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-worldwide
-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.You could use GPO to setup policies: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/use-group-policy-microsoft-defender-antivirus?view=o365-worldwide
Hope this helps!
