question

AnandRMenon-2032 avatar image
0 Votes"
AnandRMenon-2032 asked eepyaich answered

Windows versions supported in Microsoft Defender for Endpoint Plan 1

Hi Team,

We are distributing some MDE P1 licenses for one of our customers. They have a minimal environment with basic cloud-antivirus requirement. They have Windows 7 and Windows 10 devices. But when I go through the documentations, it seems versions before Windows 10 (Windows 7, 8 etc.) and Windows Server versions are not supported in MDE Plan 1. Please clarify on this. If these are not supported as of now, I'd like to request to extend support for these Windows versions in Plan 1(Plan 2 already supports these versions), since Plan 1 may be used by many customers who are less inclined towards cybersecurity and so may be keeping legacy versions of Windows(or for other purposes too). Also, it will be difficult if Server versions are not supported, since it will be impossible to automatically enroll devices using group policy method which can be done in the Domain Controller. Thank you.

Regards,
Anand R Menon

windows-10-securitywindows-server-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

LimitlessTechnology-0326 avatar image
0 Votes"
LimitlessTechnology-0326 answered

Hello

Thank you for your question and reaching out. I can understand you are having query related to Windows versions supported in Microsoft Defender for Endpoint Plan 1.


Currently, Defender for Endpoint Plan 1 supports the following operating systems:

Windows 7 (ESU required)
Windows 8.1
Windows 10, version 1709, or later
macOS: 11.5 (Big Sur), 10.15.7 (Catalina), or 10.14.6 (Mojave)
iOS
Android OS


Here is the Official documentation for Plan 1 :

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-worldwide



--If the reply is helpful, please Upvote and Accept as answer--

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

eepyaich avatar image
0 Votes"
eepyaich answered

While @LimitlessTechnology-2700 is right that older versions of Windows are supported in Defender P2 (see https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/minimum-requirements?view=o365-worldwide#supported-windows-versions), I believe for P1 only currently supported versions of Windows endpoints are covered (i.e. Win 10+) - as per the specific P1 requirements table at https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration?view=o365-worldwide#review-the-requirements.

@AnandRMenon-2032 - I believe this is primarily down to the fact that Windows versions prior to Windows 10 are no longer in support. As I'm sure you're aware, there are many security risks associated with using out of support operating systems, beyond anti-malware and EDR. If you have ESU for Windows 7 you can benefit from Windows Defender P2, but the reality is that Microsoft really want to encourage users to move to supported versions of the O/S.

In terms of servers, there is actually a dedicated license SKU which covers "Defender for Endpoint on Servers". This is equivalent in function to the P2 plan, but is a separate license (i.e. you can't just use an MDE P2 license, but need the server SKU). See the note at the bottom of the overview section of https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-worldwide#windows-server-onboarding-overview and the specific license terms at https://www.microsoft.com/licensing/terms/productoffering/MicrosoftDefenderforEndpointServer/all for more.

For servers, there is an alternative option, which is to use the "Defender for Servers" plan within Microsoft Defender for Cloud. There is more information about this at https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-servers-introduction - unlike the server SKU I mentioned earlier, this is billed through Azure and doesn't have the same requirements on E5 licenses as the standalone server SKU.



--If the reply is helpful, please Upvote and Accept as answer--

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.