Microsoft Defender AV client for Windows Server 2008R2 & 2012 R2

%3CLINGO-SUB%20id%3D%22lingo-sub-1592875%22%20slang%3D%22en-US%22%3EMicrosoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1592875%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3EOn-boarding%20Windows%20Server%20ATP%20is%20pretty%20simple%2C%20just%20follow%20one%20of%20the%20below%20options%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CUL%3E%3CLI%3E%3CSTRONG%3EOption%201%3C%2FSTRONG%3E%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fconfigure-server-endpoints%23option-1-onboard-windows-servers-through-microsoft-defender-security-center%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EOnboard%20through%20Microsoft%20Defender%20Security%20Center%3C%2FA%3E%3C%2FLI%3E%3CLI%3E%3CSTRONG%3EOption%202%3C%2FSTRONG%3E%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fconfigure-server-endpoints%23option-2-onboard-windows-servers-through-azure-security-center%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EOnboard%20through%20Azure%20Security%20Center%3C%2FA%3E%3C%2FLI%3E%3CLI%3E%3CSTRONG%3EOption%203%3C%2FSTRONG%3E%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fconfigure-server-endpoints%23option-3-onboard-windows-servers-through-microsoft-endpoint-configuration-manager-version-2002-and-later%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EOnboard%20through%20Microsoft%20Endpoint%20Configuration%20Manager%20version%202002%20and%20later%20(only%20for%20Windows%20Server%202012%20R2%20and%20Windows%20Server%202016)%3C%2FA%3E%3C%2FLI%3E%3C%2FUL%3E%3CDIV%20class%3D%22alert%20is-info%22%3E%3CP%20class%3D%22alert-title%22%3EBut%20what%20are%20the%20ways%20of%20configuring%20additional%20policies%20like%20Join%20MAPS%2C%20Scan%20Schedules%2C%20Signature%20update%20defination%20time%20frequency%2C%20Cloud%20enabled%20protection%20and%20Real%20time%20protection%20etc%20documented%20here%20for%20Windows%2010%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fconfigure-endpoints-gp%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fconfigure-endpoints-gp%3C%2FA%3E%3C%2FP%3E%3CP%20class%3D%22alert-title%22%3E%26nbsp%3B%3C%2FP%3E%3CP%20class%3D%22alert-title%22%3EWe%20have%20been%20able%20to%20apply%20the%20applicable%20Defender%20AV%20policies%26nbsp%3B%20documented%20above%20on%20our%20Windows%20Server%202016%20%26amp%3B%202019.%20But%20we%20couldn't%20find%20the%20standalone%20antivirus%20client%20for%20%3CSTRONG%3E%3CFONT%20color%3D%22%23FF0000%22%3EWindows%20Server%202012%20R2%20%26amp%3B%202008%20R2%3C%2FFONT%3E%3C%2FSTRONG%3E%2C%20we%20do%20not%20have%20SCCM%20and%20managing%20our%20endpoints%20via%20Intune%20only.%20Can%20anyone%20guide%20us%20on%20how%20to%20do%20that%20for%20server%202008r2%20%26amp%3B%202012r2.%3C%2FP%3E%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1605967%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1605967%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F471438%22%20target%3D%22_blank%22%3E%4010Guptashash%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EDo%20you%20have%20Active%20Directory%20Domain%20Services%3F%26nbsp%3B%20If%20so%2C%20there%20is%20a%20tool%20named%20Group%20Policy%20(gpmc.msc).%26nbsp%3B%20Upon%20opening%20that%2C%20you%20should%20be%20able%20to%20configure%20the%20settings%20as%20instructed%20in%20the%20link%20you%20have%20provided.%26nbsp%3B%20If%20all%20your%20endpoints%20are%20only%20managed%20from%20cloud%20services%2C%20then%20you%20have%20to%20use%20Intune%20or%20Azure%20Policy%20to%20configure%20them.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHope%20this%20helps%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EGladys%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fazsecuritypodcast.net%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fazsecuritypodcast.net%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1606550%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1606550%22%20slang%3D%22en-US%22%3EHey%20Glady%2C%3CBR%20%2F%3E%3CBR%20%2F%3EThe%20GPO%20is%20okay%20(I%20can%20see%20that)%20but%20when%20I%20do%20not%20have%20the%20defender%20antivirus%20installed%20on%20server%202008r2%2C%20what%20is%20the%20point%20of%20using%20the%20GPOs%2C%20what%20I%20need%20to%20know%20is%20what%20AV%20do%20I%20install%20and%20how%20%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1606631%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1606631%22%20slang%3D%22en-US%22%3EAFAIK%2C%20system%20center%20endpoint%20protection%20is%20the%20only%20way%20here%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1606645%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1606645%22%20slang%3D%22en-US%22%3EHey%20Thijs%2C%3CBR%20%2F%3E%3CBR%20%2F%3EFor%20an%20organisation%20that%20doesn't%20have%20SCCM%2C%20can%20they%20still%20Install%20SCEP%20%3F%20Would%20there%20be%20any%20licensing%20issue%20%3F%3CBR%20%2F%3EAnd%20if%20they%20can%20install%20it%20without%20having%20any%20licensing%20compliance%20issues%2C%20from%20where%20can%20they%20download%20and%20Install%20the%20client%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1606655%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1606655%22%20slang%3D%22en-US%22%3EScep%20van%20only%20be%20downloaded%2Flicensed%20through%20SCCM.%3CBR%20%2F%3EBest%20to%20contact%20your%20Microsoft%20account%20manager%2Fpartner.%20They%20might%20be%20able%20to%20help%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1660035%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Defender%20AV%20client%20for%20Windows%20Server%202008R2%20%26amp%3B%202012%20R2%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1660035%22%20slang%3D%22en-US%22%3EIntune%20only%20manages%20Windows%2010.%3CBR%20%2F%3E2008%20%26amp%3B%202012%20can%20be%20managed%20by%20GPO.%3C%2FLINGO-BODY%3E
Highlighted
New Contributor

On-boarding Windows Server ATP is pretty simple, just follow one of the below options:

But what are the ways of configuring additional policies like Join MAPS, Scan Schedules, Signature update defination time frequency, Cloud enabled protection and Real time protection etc documented here for Windows 10: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure...

 

We have been able to apply the applicable Defender AV policies  documented above on our Windows Server 2016 & 2019. But we couldn't find the standalone antivirus client for Windows Server 2012 R2 & 2008 R2, we do not have SCCM and managing our endpoints via Intune only. Can anyone guide us on how to do that for server 2008r2 & 2012r2.

6 Replies
Highlighted

@10Guptashash 

Do you have Active Directory Domain Services?  If so, there is a tool named Group Policy (gpmc.msc).  Upon opening that, you should be able to configure the settings as instructed in the link you have provided.  If all your endpoints are only managed from cloud services, then you have to use Intune or Azure Policy to configure them.

 

Hope this helps,

 

Gladys

https://azsecuritypodcast.net

Highlighted
Hey Glady,

The GPO is okay (I can see that) but when I do not have the defender antivirus installed on server 2008r2, what is the point of using the GPOs, what I need to know is what AV do I install and how ?
Highlighted
AFAIK, system center endpoint protection is the only way here
Highlighted
Hey Thijs,

For an organisation that doesn't have SCCM, can they still Install SCEP ? Would there be any licensing issue ?
And if they can install it without having any licensing compliance issues, from where can they download and Install the client?
Highlighted
Scep van only be downloaded/licensed through SCCM.
Best to contact your Microsoft account manager/partner. They might be able to help
Highlighted
Intune only manages Windows 10.
2008 & 2012 can be managed by GPO.