Defender Sensor Proxy Settings - Windows Servers

%3CLINGO-SUB%20id%3D%22lingo-sub-2387437%22%20slang%3D%22en-US%22%3EWindows%20Servers%20-%20Defender%20Sensor%20Proxy%20Settings%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2387437%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EWe%20are%20in%20the%20process%20of%20onboarding%20our%20on-premises%20Windows%20Servers%20to%20Defender%20for%20Endpoint%20(ATP).%20As%20for%20internet%20connectivity%20majority%20of%20our%20servers%20do%20not%20have%20direct%20internet%20access%20and%20will%20need%20to%20configure%20the%20devices%20to%20use%20an%20internal%20proxy%20server.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20only%20want%20to%20allow%20Endpoint%20sensor%20to%20report%20diagnostic%20data%20and%20communicate%20with%20Defender%20for%20Endpoint%20services%20and%20the%20registry-based%20static%20proxy%20not%20to%20affect%20any%20application%2Fservers%20that%20may%20have%20other%20connections.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20older%20versions%20of%20the%20Windows%20Servers%20the%20Microsoft%20Monitoring%20Agent%20(MMA)%20can%20be%20set%20to%20authenticate%20before%20using%20the%20proxy%20server.%20As%20for%20Windows%20Server%202019%20I%20cannot%20see%20an%20option%20or%20settings%20to%20set%20for%20proxy%20authentication.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E*Proxy%20setting%20only%20for%20endpoint%20sensor%20and%20telemetry%20not%20for%20all%20internet%20connections.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMS%20REF%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Fconfigure-proxy-internet%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EConfigure%20device%20proxy%20and%20Internet%20connection%20settings%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20help%20will%20be%20appreciated.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EKind%20regards%2C%3C%2FP%3E%3CP%3EMo%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2446668%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20Sensor%20Proxy%20Settings%20-%20Windows%20Servers%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2446668%22%20slang%3D%22en-US%22%3EHi%20Ambarish%2C%3CBR%20%2F%3E%3CBR%20%2F%3EThank%20you%20for%20your%20reply.%20I%20am%20able%20to%20configure%20this%20setting%20on%20any%202016%20and%20older%20servers%20as%20they%20require%20MMA%20for%20data%20transmission%20to%20Microsoft%20Defender%20for%20Endpoint%20management%20console%20(securitycenter.windows.com).%20My%20problem%20is%20for%202019%20servers.%20MMA%20is%20not%20deployed%20because%20EDR%20is%20natively%20built-in%2C%20Is%20there%20any%20settings%20in%20Server%202019%20to%20set%20proxy%20settings%20with%20authentication.%3CBR%20%2F%3E%3CBR%20%2F%3EKind%20regards%2C%3CBR%20%2F%3EMo%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi All,


We are in the process of onboarding our on-premises Windows Servers to Defender for Endpoint (ATP). As for internet connectivity majority of our servers do not have direct internet access and will need to configure the devices to use an internal proxy server.

 

We only want to allow Endpoint sensor to report diagnostic data and communicate with Defender for Endpoint services and the registry based static proxy not to affect any application/servers that may have other connections.

 

For older versions of the Windows Servers the Microsoft Monitoring Agent (MMA) can be set to authenticate before using the proxy server. As for Windows Server 2019 I cannot see an option or settings to set for proxy authentication.

 

*Proxy setting only for endpoint sensor and telemetry not for all internet connections.

 

MS REF:

 

Configure device proxy and Internet connection settings | Microsoft Docs

 

Any help will be appreciated.

 

 

Kind regards,

Mo

2 Replies

@MoAlom 

Microsoft Monitoring Agent has the option to set proxy settings with authentication.

Microsoft Monitoring Agent Setup | Microsoft Docs

 

2021-06-02 11_48_45-.png

Hi Ambarish,

Thank you for your reply. I am able to configure this setting on any 2016 and older servers as they require MMA for data transmission to Microsoft Defender for Endpoint management console (securitycenter.windows.com). My problem is for 2019 servers. MMA is not deployed because EDR is natively built-in, Is there any settings in Server 2019 to set proxy settings with authentication.

Kind regards,
Mo