Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Can anyone help me What is the difference between Defender for Endpoint, Defender for Cloud

Brass Contributor

Can anyone help me to understand What is the difference between Defender for Endpoint, Defender for Cloud, Defender for Server, and Azure Arc? I am confused with each one of them . I have looked into many places but I did not get any proper answer .It would be great if someone explains difference between Defender for Server, and Azure Arc.

There in one more thing I created a normal post, click Post and get an error:

Correct the highlighted errors and try again.

Post flooding detected (community received posts of a unique message more than 1 times within 300 seconds)

So apparently I can't post for an hour. I've given up and gone somewhere else, this feature needs fixing, I didn't do anything odd just wrote a post and hit the post button.

3 Replies
best response confirmed by faruk2bd1971 (Brass Contributor)
Solution
Common question I receive is : What is the difference between Defender for Endpoint, Defender for Cloud, Defender for Server, and Azure Arc? And why do we need all components when deploying Defender for Endpoint on servers? Let’s explain it more in-depth.
Defender for Cloud is a Cloud-native application protection platform based on Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP).
Defender for Cloud offers multiple Defender plans for more in-depth security. Available plans:
– Defender CSPM
– Defender for Servers
– Defender for App Service
– Defender for Databases
– Defender for Storage
– Defender for Containers
– Defender for Key Vault
– Defender for Resource Manager
– Defender for DNS
The Defender for Servers plan is part of Defender for Cloud and is available in two pricing models; P1/ P2. P1 focused on a limited set of defenses with a strong focus on Defender for Endpoint technology. P2 contains the full set of Defender for Cloud-enhanced security features including for example; Network layer threat detection, FIM, Qualys vulnerability assessment, and 500MB free data ingestion.
P1=$5 Server/Month (calculated for running time)
P2=$15 Server/Month (calculated for running time)
When you have Microsoft Defender for Severs Plan 1, it includes Microsoft Defender for Endpoint Plan 2. Both P1/ P2 contains all features of Defender for Endpoint P2.
By integrating Defender for Endpoint with Defender for Cloud, it gives the following benefits:
Automated onboarding
Azure Arc (On-Prem) can be easily deployed using Defender for Cloud
The Defender for Cloud portal pages display Defender for Endpoint alerts
After enabling the Defender for Endpoint integration in Defender for Cloud machines will be provisioned. The configuration/ installation is pushed using Azure Policies and contains the onboarding script and additional configuration. The result is the MDE.Windows VM extension for Windows Server 2012R2 and higher.
Azure Arc functions as a bridge that extends the Azure platform to on-premises environments or other clouds (AWS/ GCP). For connecting servers with Azure Arc, it is needed to use Azure Arc-enabled servers and the Azure Connected Machine agent on supported systems.
Thank you Sabbir rubayat . It explains everything
1 best response

Accepted Solutions
best response confirmed by faruk2bd1971 (Brass Contributor)
Solution
Common question I receive is : What is the difference between Defender for Endpoint, Defender for Cloud, Defender for Server, and Azure Arc? And why do we need all components when deploying Defender for Endpoint on servers? Let’s explain it more in-depth.
Defender for Cloud is a Cloud-native application protection platform based on Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP).
Defender for Cloud offers multiple Defender plans for more in-depth security. Available plans:
– Defender CSPM
– Defender for Servers
– Defender for App Service
– Defender for Databases
– Defender for Storage
– Defender for Containers
– Defender for Key Vault
– Defender for Resource Manager
– Defender for DNS
The Defender for Servers plan is part of Defender for Cloud and is available in two pricing models; P1/ P2. P1 focused on a limited set of defenses with a strong focus on Defender for Endpoint technology. P2 contains the full set of Defender for Cloud-enhanced security features including for example; Network layer threat detection, FIM, Qualys vulnerability assessment, and 500MB free data ingestion.
P1=$5 Server/Month (calculated for running time)
P2=$15 Server/Month (calculated for running time)
When you have Microsoft Defender for Severs Plan 1, it includes Microsoft Defender for Endpoint Plan 2. Both P1/ P2 contains all features of Defender for Endpoint P2.
By integrating Defender for Endpoint with Defender for Cloud, it gives the following benefits:
Automated onboarding
Azure Arc (On-Prem) can be easily deployed using Defender for Cloud
The Defender for Cloud portal pages display Defender for Endpoint alerts
After enabling the Defender for Endpoint integration in Defender for Cloud machines will be provisioned. The configuration/ installation is pushed using Azure Policies and contains the onboarding script and additional configuration. The result is the MDE.Windows VM extension for Windows Server 2012R2 and higher.
Azure Arc functions as a bridge that extends the Azure platform to on-premises environments or other clouds (AWS/ GCP). For connecting servers with Azure Arc, it is needed to use Azure Arc-enabled servers and the Azure Connected Machine agent on supported systems.

View solution in original post