Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Onboarding Servers to Microsoft Defender has problem with internet connectivity.

Brass Contributor



We need to onboard Windows and Linux server to Microsoft Defender.

We are trying to onboard the servers with a firewall that not working with URL allowing technique, so we can't add the wildcard URL to the firewall, it's just working with URL mapped to IP, if we need to get all URL with IP, there will be too much allowing rules (as you know there are a lot of urls to allowing through internet), so we are tried to find other solution.


We checked OMS Gateway (Connecting servers without Internet access to Windows Defender ATP - Microsoft Tech Community) which can be implemented in specific server and all the servers connect to internet though it, but it's seem that risky in security domain, bcz it's http forward proxy, also it's just working as forwarder and we can take action in server like Isolation, live response,,,etc.


We are trying to find another solution for onboarding.

Is there a subnets that combined all URL need to be allowed? or Dns server have all URLs ?or other workaround way for this onboarding?



Thank you.





3 Replies


Hello, I know some companies uses a firewall with a so called "updateable objects" which will update automatically all IP addresses or URL for the defender services if they change. I don´t know if your firewall have such a feature.


Regarding your OMS topic we cancelled that way because of the new unified solution package for Windows Server 2012 R2 and 2016 because the new solution, like Microsoft Defender for Endpoint on Windows Server 2019, Windows Server 2022, and Windows 10, does not support this gateway.


source: Known issues and limitations in the new, unified solution package for Windows Server 2012 R2 and 201...

Thank you for these details, for "updatable objects" is there a link that contains all URL mapped to IP and it's continuously updated.
In general, how this implementation can be done?


Check the Microsoft Defender for Endpoint URLs list for the complete list of requirements for your region (refer to the Service URLs Spreadsheet).