Defender for Servers - Plan 1

Copper Contributor

Microsoft have just released a new plan for Defender for Servers which has a reduced set of functionality entitlement for Azure services.


Presumably this is because Defender on Servers is broarder than just Azure hosting and targetting multi-cloud and onprem systems.  What isn't clear from the documentation yet is if Defender for Servers Plan 1 does contain all the features of Defender for Endpoint Plan 2.




I'd really love clarification if features like "Live Response" on servers are included with the new Defender on Servers Plan 1?


3 Replies
Hi @Laurie_Rhodes,
My understanding is/was that "Defender for Servers" is effectively the cut down version of Defender for Cloud and is more of a commercial construct? But thanks for sharing those details

Hey David.

The name changes with "Defender" products over the past two years has been hard to keep up with. The way I see it is that "Defender for Cloud" is a catalogue of Defender products that protect cloud services. Up until a couple of months ago Defender for Servers was the new name for Windows Defender / Microsoft Defender that was installed on Servers. Those too were new names for "Azure Anti-Malware" and "Defender ATP" which had advanced security capability within the endpoint.

I have seen a couple of Microsoft pages in the last week refer to the Defender client software that's deployed as "Defender for Servers - Plan 1" from Security Center / Defender for Cloud as actually being "Defender for Endpoint". The only issue with saying Defender for Endpoint as a product now covers Servers is that DfE has two different plans for internal capability... Plan 2 being the old "ATP" advanced security functionality in the client. The functionality matrix of Defender for Endpoint plans

Laurie_Rhodes_0-1652161044550.pngdoesnt match up with the Defender for Servers plans.

If Defender for Servers Plan 1 really is Defender for Endpoint Plan 2... that's great.
...It's just not clear.

best response confirmed by Laurie_Rhodes (Copper Contributor)


MDE plan 1 does not support servers, so I would assume defender for servers plan 1 includes MDE plan 2. I do agree this could use some clarification, since the defender for servers docs are a bit vague here.