Plan Defender for Servers deployment
Defender for Servers extends protection to your Windows and Linux machines running in Azure, AWS, GCP, and on-premises. Defender for Servers integrates with Microsoft Defender for Endpoint to provide endpoint detection and response (EDR), and also provides a host of additional threat protection features.
This guide helps you to design and plan an effective Microsoft Defender for Servers deployment. Defender for Servers is one of the paid plans provided by Microsoft Defender for Cloud.
About this guide
This planning guide is aimed at cloud solution and infrastructure architects, security architects and analysts, and anyone else involved in protecting cloud/hybrid servers and workloads. The guide aims to answer these questions:
- What does Defender for Servers do, and how is it deployed?
- Where will my data be stored, and what Log Analytics workspaces do I need?
- Who needs access?
- Which Defender for Servers plan should I choose, and which vulnerability assessment solution should I use?
- When do I need Azure Arc, and which agents/extensions must be deployed?
- How do I scale a deployment?
Before you begin
- Review pricing details for Defender for Servers.
- If you're deploying for AWS/GCP machines, we suggest reviewing the multicloud planning guide before you start.
Here's a quick overview of the deployment process.
- Learn more about foundational cloud security posture management (CSPM).
- Learn more about Azure Arc onboarding.
After kicking off the planning process, review the second article in this planning series to understand how your data is stored, and Log Analytics workspace requirements.
Enviar y ver comentarios de