Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Permit access for VM machine in Azure to Microsoft Defender365 via NSG rules

Copper Contributor

According to Azure service tags overview | Microsoft Learn Service Tag MicrosoftDefenderForEndpoint is not available since a long long time and no one know when Microsoft will add this. 

 

In the meantime I'm looking for a list of IP CIDR's so Virtual Machine within Azure can communicate with Microsoft Defender 365 (https://security.microsoft.com/).

 

Deploying Azure Firewall for this is unacceptable (cost is very high).

 

 

 

4 Replies

@magielonczyk now you can onboard your VM with the new streamlined onboarding experience, the Defender for Endpoint-recognized simplified domain *.endpoint.security.microsoft.com will consolidate and replace URLs. So from your NSG outbound rule open connectivity to this url to allow your VM to communicate with MDE 

 

Microsoft Defender for Endpoint - Streamline device connectivity

@eliekarkafy
How with Network Security Groups we can permit access with IP's CIDR instead of Service Tags for Microsoft Defender for Endpoint ?
run the MDE analyzer on your Azure VM to know which IP or URL your machine is trying to connect to

https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/run-analyzer-windows?view...
https://feedback.azure.com/d365community/search/?q=MicrosoftDefenderForEndpoint - anyone can vote here for this tag to get availability.

Microsoft confirms that there is no GA for this service tag "MicrosoftDefenderForEnpoint". This will be remove soon from the service tag lists...