Microsoft Defender for Endpoint Preview Brings Benefits to Windows Server 2012 R2 and Windows Server 2016 Users – Redmondmag.com

0

New

Microsoft Defender for Endpoint Preview Brings Benefits to Windows Server 2012 R2 and Windows Server 2016 Users

Microsoft this week announced a “revamped solution stack” for Microsoft Defender for Endpoint that promises to strengthen protections and simplify configurations when using Windows Server 2012 R2 and Windows Server 2016 products.

However, additional support for Windows Server 2012 R2 and Windows Server 2016 products in Microsoft Defender for Endpoint is still in the preview stage, and there are many caveats. In addition, Microsoft Defender for Endpoint (formerly known as “Microsoft Defender Advanced Threat Protection”) requires you to have E5 type license in place.

The E5 license requirement looked like a kind of buzz-kill, based on comments found in Microsoft’s Twitter ad on the new Unified Solutions Stack preview.

However, if organizations have this E5 license, then this so-called “modernized unified solution” promises to bring similar Microsoft Defender for Endpoint protections to those older servers that were generally available previously in the Windows Server 2019 product. The ad stated that “the solution is functionally equivalent to Microsoft Defender for Endpoint on Windows Server 2019”.

Additionally, the Group Policy templates used with Windows Server 2019 will work for older servers.

“You can now use the Group Policy templates for Windows Server 2019 to manage Defender on Windows Server 2012 R2 and 2016,” the announcement said.

Benefits of the unified Microsoft Defender solution for endpoints
Here is the list of enhancements available for these older server products with the new unified solution package, according to a description of the Microsoft document “Onboard Windows Servers”:

Additionally, the new unified solution does not require the use of Microsoft Monitoring Agent to achieve Microsoft Defender for Endpoint protections. Use of this agent was previously required for Windows Server 2012 R2 and Windows Server 2016.

Microsoft Offers this technical document for organizations wishing to abandon the Microsoft Monitoring Agent approach. IT pros can use Microsoft Endpoint Configuration Manager for this switch, but it won’t be fully automated until version 2111, the document explains in a note.

Unified Solution Preview Warnings
The new Unified Solution Stack for Microsoft Defender for Endpoint is only in the preview stage for use with Windows Server 2012 R2 and Windows Server 2016. Known issues, as described in the “Windows Embedded Servers” document from Microsoft, could be problematic.

For example, Azure Security Center will not display alerts yet, according to the document:

For Windows Server 2012 R2 and 2016 running Modern Unified Solution Preview, integration with Azure Security Center / Azure Defender for Servers for alerts and automated deployment is not yet available. Although you can install the new solution on these machines, no alerts will be displayed in Azure Security Center.

Additionally, the new unified solution stack does not support the “OMS Gateway” proxy server to connect to Microsoft Defender for Endpoint Cloud Services. It’s just not supported.

Microsoft Defender Antivirus will not have a user interface when used with Windows Server 2012 R2 with the new Unified Solution Stack preview. Microsoft Defender Antivirus “only allows basic operations” on Windows Server 2016 with preview.

Windows Server 2012 R2 and Windows Server 2016 users don’t get all attack surface reduction rules with preview, the document says. Details have not been cataloged.

Finally, “operating system upgrades are not supported” when using the new Unified Solution Stack Preview.

Perhaps the above caveats are only temporary hurdles, as Microsoft plans to “have full Azure Defender integration as a public preview in Q1 2022!” by the ad.

About the Author

Kurt Mackie is Senior News Producer for 1105 Media’s Converge360 Group.



Source link

Leave A Reply

Your email address will not be published.