Introduction
Contoso Manufacturing runs critical factory automation software on Azure virtual machines and Arc-connected on-premises servers. These servers control production lines, manage inventory systems, and run operational technology (OT) workloads. Currently, the security team has no vulnerability scanning, no endpoint detection, and no way to detect if a server is compromised. A silent attack on a server running Policy & Configuration (PLC) integration software could disrupt production for days before anyone notices.
In this module, you implement Microsoft Defender for Servers across Contoso's entire server estate. You learn how to:
- Select the appropriate Defender for Servers plan and onboard Azure VMs and Arc-connected servers
- Configure vulnerability scanning using both agentless and agent-based Defender Vulnerability Management
- Manage the Microsoft Defender for Endpoint integration, configure agentless scanning capabilities, and enable File Integrity Monitoring
Prerequisites
- Defender for Cloud enabled on your Azure subscription
- Azure Arc connectivity established for on-premises servers
- Basic familiarity with Defender for Cloud environment settings and workload protection concepts
Now that you understand the security gap Contoso faces, you're ready to select the right Defender for Servers plan and onboard the server estate.