Forum Discussion

John_Azcloud's avatar
John_Azcloud
Copper Contributor
Oct 12, 2022

Defender for cloud Server configuration

Hello colleagues,   We have enrolled a few servers to azure arc and we onboard them on Defender on Cloud via Policy. What is the best practice to configure Defender for Server settings via Azure? ...
migsg's avatar
migsg
Icon for Microsoft rankMicrosoft
Dec 12, 2023
Adding an on-prem machine to Azure Arc will allow you to manage your on-prem device via Azure. Hence, it will be treated as an Azure machine. One of the feature of Defender for Servers is to install Defender for Endpoint (MDE) to your machines. It is just another method of deploying MDE to your machines apart from Group Policy, Config Manager and Intune. It is so far the most convenient way of deploying the agent to your Azure machines (VMs and Arc).

So far Intune is the only way I know to configure Defender AV settings. Please check out this link.

https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration

andreasponjavic's avatar
andreasponjavic
Copper Contributor
Dec 19, 2023

migsg Thank you very much for your answer! So far, I know MS don't want us to manage our servers with Intune. They want us to use the Azure capability but if we use guest configuration with azure policy, they will charge 6$ / server / month. Unfortunately, I didn't know this in the beginning of the project.

 

The solution right now is, similar what you said, to use Intune for the Antivirus Policies. We activated the Management MDE capabilities in M365 Defender. This option is nice in my opinion because Arc onboarded machine are onboarded to Intune automatically over MDE. Maybe I am blind, but this solution is nowhere documented in the Defender for Cloud for Arc enabled machines documentation. 

For now, it works well. I am looking forward to seeing how our servers will work with defender.. 

 

Thank you and I hope this will maybe help others with the same task / project..