MDATP Next Generation Protection feature


Hi,

We are implementing the MDATP solution in Azure for one of our clients. The endpoints will be mainly Windows Server 2016 and Windows Server 2019 VMs, all in the Azure cloud.

We would be on-boarding the servers via Azure Security Center (standard tier) and then turn on the integration with MDATP. We want to understand how to manage the Next Generation Protection feature for MDATP.

Can you kindly help answer the below queries -

1. Given the Microsoft Defender Antivirus will be a part of the image for Windows Server 2016 and 2019, how can we manage/view the scan results of the Antivirus feature as this cannot be done using the MDATP security center?

2. There are different configuration tools for Defender Antivirus configuration - Intune, Microsoft Endpoint Configuration Manager, Group Policies etc. What is the best tool to manage the configuration?

Note: The client does not have a Microsoft 365 license.

3. License information for the recommended configuration tool above.

Regards,

Smita Kulkarni

2 Replies
1. Alerts from MD AV are also in the portal of MDATP.
2. It really depends on your current environment and what you are using ATM. MEMCM and Intune are the most integrated and have the easiest wizards. Intune has more features available than MEMCM.

3. GPOs are free :).
MEMCM/Intune are included in an EMS E3 license.

Thanks @Thijs Lecomte for your response. Much appreciated.