Defender for Endpoint: Protect your Endpoints and Servers with P1, P2 and Defender for Business.
As a technical architect, it's important to understand the various endpoint security options available from Microsoft. Two key plans to consider are Microsoft Defender for Endpoint and Microsoft 365 Defender. These solutions are designed specifically for enterprise organizations and help prevent, detect, investigate, and respond to advanced threats.
The following table summarizes what's included in Microsoft endpoint security plans.
Plan What's included Defender for Endpoint Plan 1
Next-generation protection (includes antimalware and antivirus)
Defender for Endpoint Plan 2 All of the Defender for Endpoint Plan 1 capabilities, plus:
Support for Windows (client only) and non-Windows platforms (macOS, iOS, Android, and Linux)
Defender Vulnerability Management add-on More Defender Vulnerability Management capabilities for Defender for Endpoint Plan 2:
Support for Windows (client and server) and non-Windows platforms (macOS, iOS, Android, and Linux)
Defender for Business Services optimized for small and medium-sized businesses include:
Email protection
Antispam protection
Antimalware protection
Next-generation protection
Attack surface reduction
Endpoint detection and response
Automated investigation and response
Vulnerability management
Centralized reporting
APIs (for integration with custom apps or reporting solutions)
Considerations:
For Endpoints:
Microsoft Defender for Business is available as a standalone subscription for small and medium-sized businesses. It's also included as part of Microsoft 365 Business Premium.
Defender for Endpoint Plan 1 and 2 (standalone), Defender for Business (standalone), and Microsoft 365 Business Premium don't include server licenses.
For Servers:
To onboard servers you have the following option:
Microsoft Defender for Servers Plan 1 or Plan 2 as part of the Defender for Cloud offering. To learn more. see Overview of Microsoft Defender for Servers.
For Business Servers:
Microsoft Defender for Business servers (preview) for small and medium-sized businesses. See How to get Microsoft Defender for Business servers (preview).
In order to add on Microsoft Defender for Business servers, you'll need at least one paid license for Microsoft 365 Business Premium or Defender for Business (standalone).
You'll need one Microsoft Defender for Business servers license per server instance, although you don't assign it to any devices or users.
There's a limit of 60 Microsoft Defender for Business servers licenses per subscription to Microsoft 365 Business Premium or Defender for Business.
Alternately, you could use Microsoft Defender for Servers to onboard your servers; however, your Defender for Business experience could change when you add an enterprise plan, such as Defender for Servers Plan 1 or Plan 2. To learn more, see What happens if I have a mix of Microsoft endpoint security subscriptions?
Trials:
To try Defender for Endpoint, go to the Defender for Endpoint trial sign-up page.
To try the Microsoft Defender Vulnerability Management add-on for Defender for Endpoint Plan 2, visit https://aka.ms/AddonPreviewTrial.
Get Microsoft Defender for Business Server: Get Microsoft Defender for Business servers | Microsoft Learn
If you have any questions, leave a comment and I will respond as soon as I can.