SOLVED

Defender for Servers - Plan 1

Occasional Contributor

Microsoft have just released a new plan for Defender for Servers which has a reduced set of functionality entitlement for Azure services.

https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-servers-introduction

 

Presumably this is because Defender on Servers is broarder than just Azure hosting and targetting multi-cloud and onprem systems.  What isn't clear from the documentation yet is if Defender for Servers Plan 1 does contain all the features of Defender for Endpoint Plan 2.

 

Laurie_Rhodes_0-1652151739671.png

 

I'd really love clarification if features like "Live Response" on servers are included with the new Defender on Servers Plan 1?

 

3 Replies
Hi @Laurie_Rhodes,
My understanding is/was that "Defender for Servers" is effectively the cut down version of Defender for Cloud and is more of a commercial construct? But thanks for sharing those details

Hey David.

The name changes with "Defender" products over the past two years has been hard to keep up with. The way I see it is that "Defender for Cloud" is a catalogue of Defender products that protect cloud services. Up until a couple of months ago Defender for Servers was the new name for Windows Defender / Microsoft Defender that was installed on Servers. Those too were new names for "Azure Anti-Malware" and "Defender ATP" which had advanced security capability within the endpoint.

I have seen a couple of Microsoft pages in the last week refer to the Defender client software that's deployed as "Defender for Servers - Plan 1" from Security Center / Defender for Cloud as actually being "Defender for Endpoint". The only issue with saying Defender for Endpoint as a product now covers Servers is that DfE has two different plans for internal capability... Plan 2 being the old "ATP" advanced security functionality in the client. The functionality matrix of Defender for Endpoint plans

Laurie_Rhodes_0-1652161044550.pngdoesnt match up with the Defender for Servers plans.

If Defender for Servers Plan 1 really is Defender for Endpoint Plan 2... that's great.
...It's just not clear.

best response confirmed by Laurie_Rhodes (Occasional Contributor)
Solution

@Laurie_Rhodes 

MDE plan 1 does not support servers, so I would assume defender for servers plan 1 includes MDE plan 2. I do agree this could use some clarification, since the defender for servers docs are a bit vague here.

Jonhed_0-1652184649486.png