Enroll only selected servers in Azure Defender

Occasional Contributor

Hi Team,


I have a existing LA Workspace which I use for Sentinel, so the MMA is installed on our on-premise servers.

Now I would like to enable this workspace in Azure Defender, but I'll only want to add some of the servers in Azure Defender(paid version), is there any way to do this or do you need another workspace for the servers I would like to add to Azure Defender?

2 Replies
best response confirmed by khelbo (Occasional Contributor)

Hi @khelbo 


Even though it's possible to enable AzDefender for Servers at the workspace level, it's highly recommended to enable it at the subscription level, otherwise you won't get some additional features like JIT, Application controls, MDE, etc.
Azure Defender for servers - the benefits and features | Microsoft Docs

Also, its not currently possible to enable Defender for a subset of servers connected to ASC, this is something we are considering adding in the future.

Azure Security Center FAQ - data collection and agents | Microsoft Docs



You cannot enable Azure Defender for only selected servers on your subscription. Please read the article on :

Azure Defender / Security Center enables on your subscription level. Not with individual components.