MDE Linux Managed JSON

Copper Contributor

Hello everyone,

 

I'm using a combination of Azure Policy + Defender to Cloud to push out MDE to Windows and RHEL servers.

 

For the Windows servers, I'm using the https://security.microsoft.com/ portal to centrally manage the settings, which works great. However, I was told that this doesn't work for Linux systems.

 

When you deploy MDE for Linux, the default settings are in passive mode and the product is basically useless IMO. Is there anyway you can centrally manage the deployment without having to push the mdatp_managed.json file?

 

The servers in question are very DevOps based and we are not utilizing our typical Puppet management tools in this environment. We want everything to be Azure native since we don't have SSH or RDP access to the servers.

 

How are you all getting around this? What is the best method to centrally manage MDE for Linux on hundreds of servers when you don't have SSH access to them?

Thanks in advance.

Eric

2 Replies
@ericl42, a few alternative options to Ansible, Chef, and Puppet are, to use either Azure Automation + DSC or run custom script extensions: Run Custom Script Extension on Linux VMs in Azure - Azure Virtual Machines https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-linux
Thanks,
Yong Rhee - MSFT
Thanks Yong. I was really hoping MS would have a more "cloud native" approach and be able to manage Linux settings/policy similar to how MDE does within Windows.