cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community
Find out more
SOLVED

Some questions about MMA agent Upgrade/Migration

SMJ91
Copper Contributor

‎Sep 20 2023 02:31 PM

‎Sep 20 2023 02:31 PM

Some questions about MMA agent Upgrade/Migration

Hi there,

 

We received a message to upgrade our Log Analytics Workspace agent (MMA) to a newer version. We use MDE and the servers it concerns are ARC-enabled Windows 2012 R2 servers and Windows 2016 servers. We do not use Microsoft Endpoint Configuration Manager or Microsoft Defender for Cloud. So that means we should follow this guide: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/server-migration?view=o36... as far as I can tell and then follow the steps under 'Installer script'.

 

Now here are my questions:

- What can go wrong during this migration? How can I safely test this without breaking anything? And is there any rollback posibility for if it goes wrong?

 

- I also read here that you can just install the new MMA version, is that correct? Because that option is only mentioned for the 2008 servers and not for 2012 or 2016 in the Microsoft documentation. 

 

- We plan to upgrade the Windows 2012 R2 servers to Windows 2019 or Windows 2022, but the Microsoft document about MMA upgrades makes no mention of those at all. What then should be done in those cases?

 

Thanks in advance.

368 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by SMJ91 (Copper Contributor)
LeonPavesic

‎Sep 20 2023 11:56 PM

‎Sep 20 2023 11:56 PM

Solution

Re: Some questions about MMA agent Upgrade/Migration

Hi @SMJ91,

Here are some potential problems that can occur during the migration:

  • The migration may not complete successfully, leaving the servers without any security protection.
  • The migration may cause performance problems on the servers.
  • The migration may cause compatibility issues with existing applications.

To safely test the migration, you can create a test environment and migrate a small number of servers first.
If the migration is successful, you can then migrate the remaining servers.
If the migration does go wrong, you can try to roll back to the previous version of the agent. However, this is not always possible and may require a reinstall of the operating system.

 

Yes, you can install the new MMA version on Windows 2012 R2 and Windows 2016 servers. However, Microsoft recommends upgrading to the new, unified agent for Defender for Endpoint. This agent provides a number of advantages over the MMA agent, including:

  • Improved performance and reliability
  • Support for new features and capabilities
  • A simplified installation and configuration process

 

If you are planning to upgrade your Windows 2012 R2 servers to Windows 2019 or Windows 2022, you should install the new, unified agent for Defender for Endpoint on the new operating system.

Recommendations

Here are some recommendations for migrating your servers:

  1. Create a test environment and migrate a small number of servers first to test the migration process and identify any potential problems.
  2. Upgrade to the new, unified agent for Defender for Endpoint instead of the MMA agent.
  3. If you are planning to upgrade your Windows 2012 R2 servers to Windows 2019 or Windows 2022, install the new, unified agent for Defender for Endpoint on the new operating system.

you can use this links as a guide:


Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.


If the post was useful in other ways, please consider giving it Like.


Kindest regards,


Leon Pavesic

1 Like
Reply