Questo articolo è disponibile anche in lingua italiana al seguente link: Microsoft Defender for Endpoint: proteggere i server | WindowServer.it
New chapter about Microsoft Defender for Endpoint and today we will see how to protect servers.
All servers are managed by Azure Security Center. The licensing is different from Windows 10 because necessary enable the Azure Defender plan and this means 15 euro/server. All the servers onboarded with Microsoft Management Agent (MMA) will are able to be protected with Microsoft Defender.
To onboard a server there are many ways: for example, if you have many servers is better use Microsoft Endpoint Configuration Manager (aka SCCM) or Group Policy Object (GPO). In this case I will deploy the agent manually and the process change by Operating Systems because from Windows Server 2008 R2 to Windows Server 2016 is required use the MMA but from Windows Server v1803 and above must be used a .bat file with onboarding process. The reason is because the new versions integrate by default Windows Security Defender.
Onboarding via MECM
With Microsoft Endpoint Configuration Manager the onboarding process changes between Windows Server v1803 and previous versions.
After few minutes the server will be available into Microsoft Defender web portal.
Protect from Malware
The procedure to protect items from malware, like Egregor, is the same of clients and if you want more details, check this article: Microsoft Defender for Endpoint: prevent Egregor Ransomware.