Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Server is still showing " Install endpoint protection solution on virtual machines"

Brass Contributor

Windows server 2019 has AMA (Azure Monitor Agent) and has Defender for Endpoint onboarded but it still showing in the recommendation to "Install endpoint protection on virtual machine" as unhealthy. Defender for endpoint is onboarded and is listed in the installed application and confirmed running.


Do I have to install MMA as well? or there is something else missing to update the recommendation.

10 Replies

it Seems there are two Recommendations:

1- "Install endpoint protection solution on virtual machines" which shows unhealthy 

2- "Endpoint protection should be installed on machines" (Preview) which shows healthy 


So it looks like there is an old recommendation and there is a new one. this is might be confusing as it should be one recommendation related to endpoint protection.


Any how when you click on the first recommendation it informs you there is an updated version, however you still have one recommendation not satisfied.

I also experience the similar issue. Keen to know the correct method.
"Endpoint protection should be installed on machines" will be GA-ed later this month, when this happens the old recommendation will be deprecated. Please focus on the new one.

@Stanislav Belov it looks like the old recommendation "Install endpoint protection solution on virtual machines" has not been deprecated and is still showing; presumably this is therefore having an impact on Advisor Score?

This still doesn't seem to have been deprecated and is still showing for me. Please can yo advise when this will be deprecated. I'm assuming that this also has an impact on the Secure Score.




I don't also see option to exempt this recommendation. Other recommendation can be exempted...
This still an issue and affecting Advisor Score.
Is there any resolution on this? My security score is reduced because of the outdated recommendation.

I think that, if even after having installed MMA and MFA you get the same recommendation on screen, you should have to start and configure again the endpoint protection on your VMs, within the currently updated version.