In the Windows 10 Fall Creators Update, Windows Defender ATP has extended its advanced attack detection and investigation capabilities by adding platform support to include Windows Server operating systems.
A new Windows Defender ATP sensor for server monitors activities on the server endpoint and reports them to the Windows Defender ATP cloud service to detect attacker activities and enable incident response.
In some cases though, security policies may prevent servers from connecting to the internet and communicating with the service.
If your IT security policy does not allow servers on your network to connect to the Internet, they can be configured to communicate to the Windows Defender ATP cloud service without requiring internet connectivity using the OMS gateway while retaining compliance with IT security policy:
See the product guides to get more information on how monitored servers can be on boarded and send data to the Windows Defender ATP service when they do not have Internet access:
We'd love to hear your feedback and questions!
Alon Rosental
Principal Program Manager, Windows Defender ATP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.