How to enforce ASR Rules at Scale on Azure Arc Enabled Servers,when using Defender for Servers P2?

Copper Contributor

When using Defender for Endpoint Plan 2 to Windows Clients ,Windows/Linux Servers (On-Prem) ,one can enforce & manage Attack Surface Reduction(ASR) Rules at Scale using GPO Policy,Endpoint Manager or Configuration Manager ,Ansible/Puppet.

How can one enforce & manage Attack Surface Reduction Rules at Scale for Azure Arc Enabled Servers(On-Prem/GCP/AWS) & Azure VMs?

1 Reply
It depends on how those servers are managed. For domain-joined servers you can use GPO just like for clients, MEM is another option: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/security-config-management...