Forum Discussion
Enroll only selected servers in Azure Defender
Hi Team,
I have a existing LA Workspace which I use for Sentinel, so the MMA is installed on our on-premise servers.
Now I would like to enable this workspace in Azure Defender, but I'll only want to add some of the servers in Azure Defender(paid version), is there any way to do this or do you need another workspace for the servers I would like to add to Azure Defender?
Hi khelbo
Even though it's possible to enable AzDefender for Servers at the workspace level, it's highly recommended to enable it at the subscription level, otherwise you won't get some additional features like JIT, Application controls, MDE, etc.
Azure Defender for servers - the benefits and features | Microsoft Docs
Also, its not currently possible to enable Defender for a subset of servers connected to ASC, this is something we are considering adding in the future.Azure Security Center FAQ - data collection and agents | Microsoft Docs
2 Replies
- You cannot enable Azure Defender for only selected servers on your subscription. Please read the article on : https://docs.microsoft.com/en-us/azure/security-center/security-center-get-started#:~:text=To%20enable%20Security%20Center%20on%20all%20subscriptions%20within,select%20Security%20Center.%20Security%20Center%27s%20overview%20page%20opens.
Azure Defender / Security Center enables on your subscription level. Not with individual components. - StanislavBelov
Microsoft
Hi khelbo
Even though it's possible to enable AzDefender for Servers at the workspace level, it's highly recommended to enable it at the subscription level, otherwise you won't get some additional features like JIT, Application controls, MDE, etc.
Azure Defender for servers - the benefits and features | Microsoft Docs
Also, its not currently possible to enable Defender for a subset of servers connected to ASC, this is something we are considering adding in the future.Azure Security Center FAQ - data collection and agents | Microsoft Docs
