This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 55.00000000000001%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi,
We recently enabled Microsoft defender for cloud - Standard plan as part of XDR requirement. With this I have got couple of queries.
Since this is already installs MDE agent, is it not required to install Antimalware solution?
How do ensure this works as expected? how can we test this functionality?
I know, MDE comes with its own portal (https://securitycenter.microsoft.com/) to manage. what different kinds of policies can be set?
Is it possible to view, retrieve data collected by MDE on Azure portal itself? How?
It would be really good if someone can guide us through right direction, it seems to be lot of confusing terms and articles about these.
Thanks.
Regards
Thahif
Defender for Cloud uses the Microsoft Monitoring Agent currently (vs the new Azure Monitor Agent). The recommended deployment method for hybrid (non-Azure) is using Azure Arc. Defender for Cloud will deploy the MMA agent to all servers in the subscription (and on Azure Arc) using an extension. This will also activate Defender for Endpoint using an extension. Hybrid Windows servers onboarded using a stand-alone MMA install and Linux servers may require separate MDE activation.
Defender for Endpoint uses the built-in Defender AV service as an agent. There is no agent to install on modern Windows OS. It is simply a matter of activation the service included in the OS. MDE also relies on policy deployed through GPO, Intune, or MECM to configure the antivirus agent settings and the OS hardening recommendations (ASR). Even though Defender for Cloud may activate MDE you will still want to configure these policies separately. MDE will also provide recommendations to improve OS hardening.
To verify your onboarding start by using the device inventory on the Microsoft 365 Defender portal. There is an onboarding section under Settings>Endpoints to assist you with any additional onboarding if needed.
@Mohammed Thahif BK
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
@Andrew Blumhardt @JamesTran-MSFT - thanks. I was looking for what policies can be configured in defender portal. I come from non-secuirty background, would be good if you can shre some commonly used policies to be set in the portal.