This does, however, for now, still leave Windows Server 2008 R2 in the same old place. With the improved feature parity, Microsoft remove a blocker for many organizations adopting MDE on servers, close the gap with competitors with enhanced protection, and make IT/security pros lives a little easier with consistent onboarding and tools. On the portal, you also couldn’t perform actions such as live response or file responses. Key among the features missing were attack surface reduction (ASR) rules and automated investigation and response (AIR). While Server 2016 shipped with Microsoft Defender Antivirus (MDAV) installed already, to get any kind of scanning and endpoint protection capability in Server 2012 R2, you had to install System Centre Endpoint Protection (SCEP).Įven after onboarding and having either MDAV or SCEP, you still didn’t get the full capabilities of MDE that you did with Windows Server 2019. This was required as the EDR sensor wasn’t built-in, unlike with Server 2019. To get devices into MDE, you had to deploy the Microsoft Monitoring Agent (MMA). The onboarding process was also different. Previously, as detailed in Understanding Microsoft Defender for Endpoint and How It Protects Your Data on Petri and here on my own blog, there was a large feature gap between Windows Server 2019 and these “down-level” OSs. With the public preview, Windows Server 2012 R gain ‘ functional equivalence‘ to Windows Server 2019, thanks to a new agent that is being described as the ‘unified solution’. New protection capabilities for Microsoft Defender for Endpoint (MDE) customers landed in public preview, Oct 7th 2021, for Windows Server 2012 R2 and Windows Server 2016.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |