cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Do I need to host Azure ATP (Defender for Identity) in my own servers?

Sal_Mirza
Copper Contributor

‎Feb 04 2021 03:24 PM

‎Feb 04 2021 03:24 PM

Do I need to host Azure ATP (Defender for Identity) in my own servers?

Hi all,

 

Our organization has planned to move away from Microsoft ATA (Advanced Threat Analytics) to Azure ATP (Defender for Identity).

 

Right now, we are hosting the Microsoft ATA consoles in cloud instances (AWS, GCP, and on-prem).

 

If we make the switch to Azure ATP, will we need to retain these servers so we can install Azure ATP on them?

 

Or is the case that Azure ATP is a SaaS product that is hosted and managed by Microsoft (and we do not have to worry about spinning up and maintaining Windows Servers).

 

Can someone please provide some clarity?

 

Thanks in advance!

 

Best,

Sal

840 Views
0 Likes
1 Reply
Reply
1 Reply
Eli Ofek

‎Feb 04 2021 03:33 PM

‎Feb 04 2021 03:33 PM

Re: Do I need to host Azure ATP (Defender for Identity) in my own servers?

@Sal_Mirza 
The equivalent of the "Center" machine is now a hosted service managed by Microsoft, so You don't need this machine any more.

 

The Equivalent if the "Gateways" is now called "Sensors", and those are replacing the Gateways, still installed on your machines, only in MDI, the best practice is to install them on the DC itself  and not as a standalone machine with port mirroring, as  this way we get more data sources from the machine and doing much better detection.
Also, MDI supports multi forest, so in case you had to work with multiple Center machines before, you don't need that any more and can get full/better coverage with a single MDI tenant.

1 Like
Reply