Microsoft Defender for Endpoint now offers protections for Windows Server 2012 R2 and Windows Server 2016 — Redmondmag.com
Microsoft Defender for Endpoint now offers protections for Windows Server 2012 R2 and Windows Server 2016
Microsoft announced on Monday that its Microsoft Defender for Endpoint security solution now supports older Windows Server products, namely Windows Server 2012 R2 and Windows Server 2016.
Microsoft Defender for Endpoint support for these older server products is now in the “general availability” (GA) stage, having been in the preview stage in October. Microsoft Defender for Endpoint (previously called “Microsoft Defender Advanced Threat Protection”) previously had some support for these older server products. However, with this GA release, Microsoft has introduced a “revamped solution stack”, which apparently improves its functionality and makes things much easier for IT pros.
For example, Microsoft claims that the new Microsoft Defender for Endpoint protections for Windows Server 2012 R2 and Windows Server 2016, now generally available, are essentially “functionally equivalent” to the protections already obtained for Windows Server 2019.
Microsoft further explained this equivalence. The announcement stated that “all environment requirements for connectivity are the same, and you can use the same Group Policy, PowerShell commands, and Microsoft Endpoint Configuration Manager* to manage the configuration.”
The Microsoft Monitoring Agent (MMA) is no longer required with the revamped solution stack, so organizations that previously used MMA with Configuration Manager must follow certain server migration steps if they want to take advantage of the new enhancements, a clarified the announcement.
Benefits for old servers
Organizations using Windows Server 2012 R2 and Windows Server 2016 enjoy many benefits with the revamped Microsoft Defender for Endpoint security solution.
For example, the redesign brings Microsoft Defender Antivirus protection for these older servers. Organizations will have access to attack surface reduction rules and can implement potentially unwanted application blocking. They will also benefit from “block-mode endpoint detection and response”, which adds protections when Microsoft Defender Antivirus is “not the primary antivirus product” running. An automated investigation and response capability also comes into play with security alerts, and more.
The protections offered by the revamped version of Microsoft Defender for Endpoint were “previously only available on Windows Server 2019 and later,” explained Tanmay Ganacharya, Partner Director of Security Research for Microsoft Defender for Endpoint, in a Monday Twitter post.
Improved support for Microsoft Defender for Endpoint for Windows Server 2012 R2 may seem a bit late, as the product is only supported until October 10, 2023. However, Microsoft has implemented an update program. extended security update for the server, an option that pushes its end-of-life date about three more years to 2026 for those willing to pay for it. Lifecycle details can be found on this Microsoft research page.
Requirements and licenses
Microsoft has already updated its documentation for organizations looking to take advantage of the revamped solution stack for Microsoft Defender for Endpoint. There are many caveats to follow. Paul Huijbregts, a Microsoft Tech Community employee, answered many questions about the deployment of IT professionals in Monday’s announcement.
A top-tier E5 type license is required to use Microsoft Defender for Endpoint, which might dampen the enthusiasm for the new improvements a bit.
Huijbregts had two additional pieces of information to pass on regarding the announcement. First, the revamped solution stack can be tried by users of “the new Microsoft Defender for Server P1 offering”. Second, users of the “existing Microsoft Defender for Server (now called P2)” product can begin “a gradual upgrade from the current MMA-based solution in the coming weeks.”