Forum Discussion

10Guptashash's avatar
10Guptashash
Copper Contributor
Aug 17, 2020

Microsoft Defender AV client for Windows Server 2008R2 & 2012 R2

On-boarding Windows Server ATP is pretty simple, just follow one of the below options:

But what are the ways of configuring additional policies like Join MAPS, Scan Schedules, Signature update defination time frequency, Cloud enabled protection and Real time protection etc documented here for Windows 10: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp

 

We have been able to apply the applicable Defender AV policies  documented above on our Windows Server 2016 & 2019. But we couldn't find the standalone antivirus client for Windows Server 2012 R2 & 2008 R2, we do not have SCCM and managing our endpoints via Intune only. Can anyone guide us on how to do that for server 2008r2 & 2012r2.

  • 10Guptashash 

    Do you have Active Directory Domain Services?  If so, there is a tool named Group Policy (gpmc.msc).  Upon opening that, you should be able to configure the settings as instructed in the link you have provided.  If all your endpoints are only managed from cloud services, then you have to use Intune or Azure Policy to configure them.

     

    Hope this helps,

     

    Gladys

    https://azsecuritypodcast.net

    • 10Guptashash's avatar
      10Guptashash
      Copper Contributor
      Hey Glady,

      The GPO is okay (I can see that) but when I do not have the defender antivirus installed on server 2008r2, what is the point of using the GPOs, what I need to know is what AV do I install and how ?
      • Thijs Lecomte's avatar
        Thijs Lecomte
        Bronze Contributor
        AFAIK, system center endpoint protection is the only way here
  • Thiago_Mota's avatar
    Thiago_Mota
    Brass Contributor
    Intune only manages Windows 10.
    2008 & 2012 can be managed by GPO.
  • If anyone reading this is looking for step-by-step guidance on how to install Microsoft Defender for Endpoint, be sure to review the Defender setup guide in the Microsoft 365 admin center.

     

    The guide has a great feature where it can detect settings in your tenant to provide tailored guidance. Additionally, the setup guide is used to view and configure features as well as save time with automated investigation and response. Microsoft Defender for Endpoint enables enhanced security by protecting cyber threats, advanced attacks and data breaches, automate security incidents, and enhance the current level of security already in place.

     

    Note: If you don't have Microsoft 365 admin permissions, open the guide in a test or POC tenant to get instructions.

Resources