I think you can set the 15 ASR rules using a GPO without MDE. The process for setting the rules can be a bit daunting. You start with auditing, though there are a few always-block recommendations. After reviewing the audit, you can determine what to block and where to avoid business interruption. The GPO is also not easy to manage using GUIDs rather than rule names. Collecting and making a decision based on the ASR audit events is not easy.
MDE collects all of the ASR rule logs. If you use Intune it makes management easier. You can even manage ASR rules to a degree in the M356D portal. I don't believe there are out of the box alerts for ASR Rule blocks but you can create a custom rule for alerting. More importantly, MDE gives you reporting and recommendations on where to safely apply blocks. With advanced hunting you can see ASR Rule activity from all devices in one place.
Also consider that Attack Surface Reduction is a term in MDE that goes far beyond the 15 ASR rules. Things like Device Control, Web Protection, Network Protection, etc.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-worldwide#attack-surface-reduction