cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Offboarding v Trashing

rob_wood_8894
Brass Contributor

‎Oct 19 2022 12:57 AM

‎Oct 19 2022 12:57 AM

Offboarding v Trashing

Hello,

I have a client that uses an autoscaling solution to stand up and down EC2 Instances with Linux hosts.  These are ephemeral and may be trashed at any time due to resources reallocation.  The hosts are onboarded to Azure using Azure Arc and are then Onboarded to MDE. 

 

Bearing in mind that you can have multiple instances in the Defender portal with the same hostname, is there any difference between Offboarding and trashing a server in terms of what happens in the portal and licencing.  Currently they are using the Defender for Endpoint Server licence model but may move to Defender for Servers Plan 2 in the future.

 

I'd appreciate an official response from Microsoft

 

Kind regards,

 

Rob

 

562 Views
0 Likes
1 Reply
Reply
1 Reply
SocInABox

‎Oct 19 2022 12:23 PM - edited ‎Oct 19 2022 12:26 PM

‎Oct 19 2022 12:23 PM - edited ‎Oct 19 2022 12:26 PM

Re: Offboarding v Trashing

Hi Rob,
From my experience, Defender for Endpoint is a fixed license contract so if you buy 50 you have 50 to work with.
When you start applying Defender for Server you don't have to buy a separate license, it's just included in your Azure subscription so whatever you used for that month is just added to your bill.
Typically Defender for Server will be applied when you set up Defender for cloud under the Workload Protections.

0 Likes
Reply