Migrating workstations and servers to Defender

Occasional Visitor
Hi all,

My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?

We have already begun onboarding our laptops, vdis and workstations and are looking to onboard a couple fileservers too.

Our devices are not currently managed via Intune, so it's a case of setting up the policies in the security portal which hasn't been too bad so far..

However, I wanted to know-

-do we need seperate licences for the file servers?

-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.

Thanks!
Tej
1 Reply

@Tryatt Congratulations on the move! :)

 

My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help?

Have a look at my series on Defender here for more info: Microsoft Defender ATP Training Series Part 1: On boarding and basic policies (new endpoint portal) ...


-do we need seperate licences for the file servers?
The best option for servers would be to purchase the standalone License for Servers for 15 USD/ per server and Install agent Microsoft Monitoring Agent (MMA) connect the Azure security center Onboard Windows servers to the Microsoft Defender for Endpoint service | Microsoft Docs


-how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers.

You could use GPO to setup policies: Configure Microsoft Defender Antivirus with Group Policy | Microsoft Docs

 

Hope this helps!