Plan your Defender for Servers deployment
Microsoft Defender for Servers extends protection to your Windows and Linux machines that run in Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), and on-premises. Defender for Servers integrates with Microsoft Defender for Endpoint to provide endpoint detection and response (EDR) and other threat protection features.
This guide helps you design and plan an effective Defender for Servers deployment. Microsoft Defender for Cloud offers two paid plans for Defender for Servers.
About this guide
The intended audience of this guide is cloud solution and infrastructure architects, security architects and analysts, and anyone who's involved in protecting cloud and hybrid servers and workloads.
The guide answers these questions:
- What does Defender for Servers do and how is it deployed?
- Where will my data be stored and what Log Analytics workspaces do I need?
- Who needs access to my Defender for Servers resources?
- Which Defender for Servers plan should I choose and which vulnerability assessment solution should I use?
- When do I need to use Azure Arc and which agents and extensions are required?
- How do I scale a deployment?
Before you begin
Before you review the series of articles in the Defender for Servers planning guide:
- Review Defender for Servers pricing details.
- If you're deploying for AWS machines or GCP projects, review the multicloud planning guide.
The following diagram shows an overview of the Defender for Servers deployment process:
- Learn more about foundational cloud security posture management (CSPM).
- Learn more about Azure Arc onboarding.
You've begun the Defender for Servers planning process. Review the next article in the planning guide to understand how your data is stored and the Log Analytics workspace requirements.