May 09 2022 08:05 PM
Microsoft have just released a new plan for Defender for Servers which has a reduced set of functionality entitlement for Azure services.
https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-servers-introduction
Presumably this is because Defender on Servers is broarder than just Azure hosting and targetting multi-cloud and onprem systems. What isn't clear from the documentation yet is if Defender for Servers Plan 1 does contain all the features of Defender for Endpoint Plan 2.
I'd really love clarification if features like "Live Response" on servers are included with the new Defender on Servers Plan 1?
May 09 2022 09:03 PM
May 09 2022 10:35 PM - edited May 09 2022 10:38 PM
Hey David.
The name changes with "Defender" products over the past two years has been hard to keep up with. The way I see it is that "Defender for Cloud" is a catalogue of Defender products that protect cloud services. Up until a couple of months ago Defender for Servers was the new name for Windows Defender / Microsoft Defender that was installed on Servers. Those too were new names for "Azure Anti-Malware" and "Defender ATP" which had advanced security capability within the endpoint.
I have seen a couple of Microsoft pages in the last week refer to the Defender client software that's deployed as "Defender for Servers - Plan 1" from Security Center / Defender for Cloud as actually being "Defender for Endpoint". The only issue with saying Defender for Endpoint as a product now covers Servers is that DfE has two different plans for internal capability... Plan 2 being the old "ATP" advanced security functionality in the client. The functionality matrix of Defender for Endpoint plans
doesnt match up with the Defender for Servers plans.
If Defender for Servers Plan 1 really is Defender for Endpoint Plan 2... that's great.
...It's just not clear.
May 10 2022 05:12 AM
SolutionMDE plan 1 does not support servers, so I would assume defender for servers plan 1 includes MDE plan 2. I do agree this could use some clarification, since the defender for servers docs are a bit vague here.
May 10 2022 05:12 AM
SolutionMDE plan 1 does not support servers, so I would assume defender for servers plan 1 includes MDE plan 2. I do agree this could use some clarification, since the defender for servers docs are a bit vague here.