MDE Linux Managed JSON

ericl42 · ‎Aug 09 2022

Hello everyone,

I'm using a combination of Azure Policy + Defender to Cloud to push out MDE to Windows and RHEL servers.

For the Windows servers, I'm using the https://security.microsoft.com/ portal to centrally manage the settings, which works great. However, I was told that this doesn't work for Linux systems.

When you deploy MDE for Linux, the default settings are in passive mode and the product is basically useless IMO. Is there anyway you can centrally manage the deployment without having to push the mdatp_managed.json file?

The servers in question are very DevOps based and we are not utilizing our typical Puppet management tools in this environment. We want everything to be Azure native since we don't have SSH or RDP access to the servers.

How are you all getting around this? What is the best method to centrally manage MDE for Linux on hundreds of servers when you don't have SSH access to them?

Thanks in advance.

Eric

Yong Rhee · ‎Aug 10 2022

@ericl42, a few alternative options to Ansible, Chef, and Puppet are, to use either Azure Automation + DSC or run custom script extensions: Run Custom Script Extension on Linux VMs in Azure - Azure Virtual Machines https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-linux
Thanks,
Yong Rhee - MSFT

ericl42 · ‎Aug 31 2022

Thanks Yong. I was really hoping MS would have a more "cloud native" approach and be able to manage Linux settings/policy similar to how MDE does within Windows.

MDE Linux Managed JSON

MDE Linux Managed JSON

Re: MDE Linux Managed JSON

Re: MDE Linux Managed JSON

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

MDE Linux Managed JSON