Migrating workstations and servers to Defender

%3CLINGO-SUB%20id%3D%22lingo-sub-2288786%22%20slang%3D%22en-US%22%3EMigrating%20workstations%20and%20servers%20to%20Defender%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2288786%22%20slang%3D%22en-US%22%3EHi%20all%2C%3CBR%20%2F%3E%3CBR%20%2F%3EMy%20organisation%20is%20moving%20its%20AV%20to%20defender%20for%20endpoint.%20I've%20not%20administered%20defender%20in%20a%20corporate%20environment%20before%20so%20would%20was%20hoping%20to%20get%20some%20advice%2Fhelp%3F%3CBR%20%2F%3E%3CBR%20%2F%3EWe%20have%20already%20begun%20onboarding%20our%20laptops%2C%20vdis%20and%20workstations%20and%20are%20looking%20to%20onboard%20a%20couple%20fileservers%20too.%3CBR%20%2F%3E%3CBR%20%2F%3EOur%20devices%20are%20not%20currently%20managed%20via%20Intune%2C%20so%20it's%20a%20case%20of%20setting%20up%20the%20policies%20in%20the%20security%20portal%20which%20hasn't%20been%20too%20bad%20so%20far..%3CBR%20%2F%3E%3CBR%20%2F%3EHowever%2C%20I%20wanted%20to%20know-%3CBR%20%2F%3E%3CBR%20%2F%3E-do%20we%20need%20seperate%20licences%20for%20the%20file%20servers%3F%3CBR%20%2F%3E%3CBR%20%2F%3E-how%20can%20I%20split%20the%20policies%20between%20user%20devices%20and%20servers%3F%20I%20don't%20see%20a%20way%20to%20define%20granular%20policies%20per%20device%3F%20And%20of%20course%2C%20I%20don't%20want%20to%20set%20the%20same%20user%20policies%20on%20the%20servers.%3CBR%20%2F%3E%3CBR%20%2F%3EThanks!%3CBR%20%2F%3ETej%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2288786%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EDefender%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EServers%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EServers%20Onboarding%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2412295%22%20slang%3D%22en-US%22%3ERe%3A%20Migrating%20workstations%20and%20servers%20to%20Defender%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2412295%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1036333%22%20target%3D%22_blank%22%3E%40Tryatt%3C%2FA%3E%26nbsp%3BCongratulations%20on%20the%20move!%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CEM%3EMy%20organisation%20is%20moving%20its%20AV%20to%20defender%20for%20endpoint.%20I've%20not%20administered%20defender%20in%20a%20corporate%20environment%20before%20so%20would%20was%20hoping%20to%20get%20some%20advice%2Fhelp%3F%3C%2FEM%3E%3C%2FP%3E%3CP%3EHave%20a%20look%20at%20my%20series%20on%20Defender%20here%20for%20more%20info%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DaHhjQKtbS98%26amp%3Blist%3DPL7QZvnh1gmjojV24Ut4nRzPjaEtaEWhv2%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EMicrosoft%20Defender%20ATP%20Training%20Series%20Part%201%3A%20On%20boarding%20and%20basic%20policies%20(new%20endpoint%20portal)%20-%20YouTube%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3E%3CEM%3E-do%20we%20need%20seperate%20licences%20for%20the%20file%20servers%3F%3C%2FEM%3E%3CBR%20%2F%3EThe%20best%20option%20for%20servers%20would%20be%20to%20purchase%20the%26nbsp%3B%3CSPAN%3Estandalone%20License%20for%20Servers%20for%2015%20USD%2F%20per%20server%20and%20Install%20agent%20Microsoft%20Monitoring%20Agent%20(MMA)%20connect%20the%20Azure%20security%20center%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Fconfigure-server-endpoints%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EOnboard%20Windows%20servers%20to%20the%20Microsoft%20Defender%20for%20Endpoint%20service%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3E%3CEM%3E-how%20can%20I%20split%20the%20policies%20between%20user%20devices%20and%20servers%3F%20I%20don't%20see%20a%20way%20to%20define%20granular%20policies%20per%20device%3F%20And%20of%20course%2C%20I%20don't%20want%20to%20set%20the%20same%20user%20policies%20on%20the%20servers.%3C%2FEM%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EYou%20could%20use%20GPO%20to%20setup%20policies%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Fuse-group-policy-microsoft-defender-antivirus%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EConfigure%20Microsoft%20Defender%20Antivirus%20with%20Group%20Policy%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EHope%20this%20helps!%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor
Hi all,

My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?

We have already begun onboarding our laptops, vdis and workstations and are looking to onboard a couple fileservers too.

Our devices are not currently managed via Intune, so it's a case of setting up the policies in the security portal which hasn't been too bad so far..

However, I wanted to know-

-do we need seperate licences for the file servers?

-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.

Thanks!
Tej
1 Reply

@Tryatt Congratulations on the move! :)

 

My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?

Have a look at my series on Defender here for more info: Microsoft Defender ATP Training Series Part 1: On boarding and basic policies (new endpoint portal) ...


-do we need seperate licences for the file servers?
The best option for servers would be to purchase the standalone License for Servers for 15 USD/ per server and Install agent Microsoft Monitoring Agent (MMA) connect the Azure security center Onboard Windows servers to the Microsoft Defender for Endpoint service | Microsoft Docs


-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.

You could use GPO to setup policies: Configure Microsoft Defender Antivirus with Group Policy | Microsoft Docs

 

Hope this helps!