Now more than ever, small businesses are being affected by cyber-attacks—and servers are a common target. They represent an opportunity to access your business from the outside through potentially vulnerable internet-facing services such as web applications and email.
As attackers become more sophisticated, traditional signature-based antivirus can’t keep up. A holistic approach is needed to identify, protect, detect, and respond to threats to your servers. You need to elevate your endpoint security beyond traditional antivirus, with a simple and cost-effective solution. This is where Microsoft Defender for Business can help.
Server security in Defender for Business is now generally available as an add-on license to Microsoft 365 Business Premium and Defender for Business subscriptions, for customers who have up to 60 server instances within their environment.
The Microsoft Defender for Business server add-on brings Windows Server and Linux operating system support to Defender for Business for $3 per server instance per month. It’s available to try and buy now from https://aka.ms/DefenderforBusiness, or from the Microsoft Admin Center.
We launched a preview of server security in Defender for Business on July 13th 2022. Preview is now complete and if you onboarded servers during this time you have two options:
- Purchase Defender for Business server add-on for $3 per server instance per month to continue securing servers. The service will continue to protect servers uninterrupted without the need for re-onboarding or configuration changes.
- Offboard servers from Defender for Business.
Identify and fix vulnerabilities
Proactive hardening of servers is a critical task to secure them from outside threats. To reduce risk, you should keep them up to date with patches, ensure software is configured correctly, and monitor their state 24/7.
Onboarding devices and servers into Defender for Business is a fast way to understand the security posture of your endpoints. Threat and vulnerability management (TVM) equips you with insights into risks that are impacting your devices and servers. Continuous vulnerability discovery and intelligent prioritization brings together business and threat context to provide you with actionable recommendations to improve security posture.
With TVM included within Defender for Business, it becomes easier than ever to identify your environment’s weaknesses and act quickly to fix vulnerabilities. Learn more about Threat and Vulnerability Management in Defender for Business.
Protect, detect, and respond
Security is activated out-of-the-box with Defender for Business through the application of default policies that help protect devices and servers from day one. Endpoint Detection and Response capabilities will help monitor for threats on these endpoints to ensure incidents can be tracked across users, files, processes, devices, and servers. Automated incident response acts like your own 24/7 security operator helping to remediate issues on your behalf, saving time and allowing you to focus on priority actions across your environment.
Let’s take a look at how this works for server operating systems.
Windows Servers
You can manage Windows Server and Windows client devices with the same wizard-driven onboarding, antivirus, and firewall settings directly from the Microsoft 365 Defender security admin portal. Simplified security admin experiences are available when using Windows Server 2012R2 and later. You can onboard servers using Microsoft Intune (included with Microsoft 365 Business Premium), local scripts, Group Policy, or with Configuration Manager. Learn more at Onboard devices to Microsoft Defender for Business.
Linux servers
You can use deployment scripts to onboard Linux servers into Defender for Business. Alternatively, you can integrate these scripts to an existing management platform such as Chef, Puppet, and Ansible to onboard your servers. Recommended security settings are also activated out-of-the-box, and supported Linux versions can be found here. Learn more at Onboard devices to Microsoft Defender for Business.
If you are a Microsoft CSP partner using Microsoft 365 Lighthouse you can view security alerts, incidents, and the device list across multiple customers from a single admin experience. With the addition of servers into Defender for Business, you will now see the incident and alert information displayed on the Device Security page.
Feedback and community engagement
We want you to use Defender for Business and tell us about your experience. Your input is important to us, we’re listening, and we want your feedback. Here are some ways you can engage with us:
- In-product help and support
- SMB Tech Community – engage the product team for questions and feedback.
- Yammer for Microsoft 365 Partners
Learn more
Secure your servers today with the Defender for Business servers add-on. Learn more using these other resources:
For customers
- Microsoft Defender for Business – Web page
- Microsoft Defender for Business – Documentation
- Microsoft Defender for Business - Trial guide
- Microsoft Defender for Business - What's new?
For IT partners
- Microsoft Defender for Business Partner Kit
- Microsoft 365 Business Premium Partner Playbook
- Microsoft 365 Lighthouse – Partner web page
- Microsoft 365 Lighthouse – Documentation
FAQ