Forum Discussion
Solved
Activating Defender for Server Plan 1 and Plan 2 in the same Subscription
Hi Community,
i would like to learn if we activate the defender for server plan 1 for some Endpoints (for some Resource Groups maybe) and Plan 2 for other Endpoints. I know already that the Plan 1 can only be activeted at subscription level but i am wondering if there is a way to use two plans simultaneously in order to reduce the costs of defender for server plan 2. Thanks in advance.
- Defender for Servers is enabled at the subscription level. Whether P1 or P2. This will cover all the servers that are within that subscription, both VM and ARC.
Then, you also have the ability to enable Defender for Servers P2 at a workspace level. But this will limit the functionality of said plan. Yet, this will allow you to restrict to those machines connected (sending Heartbeats) to the specific workspace.
Currently, there is no way to restrict this by Resource Group.
2 Replies
- Defender for Servers is enabled at the subscription level. Whether P1 or P2. This will cover all the servers that are within that subscription, both VM and ARC.
Then, you also have the ability to enable Defender for Servers P2 at a workspace level. But this will limit the functionality of said plan. Yet, this will allow you to restrict to those machines connected (sending Heartbeats) to the specific workspace.
Currently, there is no way to restrict this by Resource Group. mhmmdrn When you enable Microsoft Defender for Servers on an Azure subscription or a connected AWS account, all of the connected machines are protected by Defender for Servers. You can enable Microsoft Defender for Servers at the Log Analytics workspace level, but only servers reporting to that workspace will be protected and billed and those servers won't receive some benefits, such as Microsoft Defender for Endpoint, vulnerability assessment, and just-in-time VM access
