Defender CSPM and on premises servers

Question

Hello, We were told through a MS Partner that subscribing to the defender CSPM at $5 per month and per ressource would allow us to have a minimal AV cover for our on premises servers. However after deploying them in Azure Arc it does not seem to allow me to activate Defender on the servers (greyed out). Have anyone managed to get this to work or do you have to take the P2 license to cover them?

Thank you

Answer 1

Hello Monaco IT,

An enabled Defender for Servers Plan 1 will allow you to receive configuration recommendations from machines that are onboarded to Azure with Azure Arc.

After successfully onboarding the servers with Azure Arc, verify that the resources are showing in Azure Portal > Microsoft Defender for Cloud > Inventory and that their status shows "Connected".

Next, you'll enable the Defender for Servers plan by visiting Microsoft Defender for Cloud > Environment settings > Select the relevant subscription > toggle the Servers switch to On.

If this is where you're seeing the Server plan greyed out, we may need to examine the RBAC roles assigned to your user account.

I hope this helps!

Best,

Jessica

---

Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

Answer 2

Hello Thank you for your reply I eventually managed to get this working.. Only one my server was 2012 not R2 and that is not compatible.