Microsoft Defender for Server- Endpoint Protection Disable

Copper Contributor

I discovered that we can off endpoint protection in Defender for Server Settings. My question is whether there are any alternatives to endpoint protection.

30.PNG

5 Replies
If by options you mean products that are not MDE, the answer is no.

The option listed enables automatic onboarding of MDE for servers covered by a Defender for Servers plan, which will onboard all servers in said subscription.
If you want more granular onboarding of MDE, you can use Azure policies to only onboard specific servers or resource groups.

@Jonhed Thank you so much for your response. May I also inquire whether it is possible to find for servers whose virus definition files have not been updated? According to my understanding, it will be updated via Windows Security Updates.

There is reporting available for virus definition files in Microsoft 365 Defender.

As for update sources, the default will be Microsoft Update, however there are options there, and using Microsoft Update requires the Windows Update service to run etc so may not be available in all environments depending on the OS configuration.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-protection-updates...

@Jonhed I see. I still have a lot to learn about this. Thank you really lot. I have another question. Why is the status of my On-Premise AAD joined? This is an On-Premise server. On this, I did not sync any accounts. Could you kindly explain why this is so?AAD joined.PNG

@Felipe25 
I would say it is related to this.

https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration#prerequisites

 

Are these servers viewable in Azure AD, and listed as managed by MDE?