Enable Defender for Servers plan at the resource level! 🔥

You can now enable Defender for Servers plan at the resource level! 🔥

While the recommendation remains to enable Defender for Servers across your entire Azure subscription, safeguarding all existing and future resources within it, we understand that some situations demand greater flexibility. This could be for excluding specific resources or managing security configurations at a more granular level than the subscription.

Resource-Level Enablement is now available for Azure machines and on-premises with Azure Arc as part of Defender for Servers plans:

- Defender for Servers Plan 1: Enable or disable the plan at the resource level.

- Defender for Servers Plan 2: Disable the plan at the resource level. For instance, it’s possible to activate the plan at the subscription level and then disable specific resources. However, enabling the plan only for select resources isn’t feasible.

Supported Resource Types Include:

- Azure VMs

- On-premises with Azure Arc

- VMSS Flex

Enablement via REST API:

This capability is exclusively accessible via REST API. Discover how to interact with the API for managing your Defender for Servers at either the resource or subscription level.

Impact on Microsoft Defender for Endpoint Deployment:

- The automatic deployment of Microsoft Defender for Endpoint will align with the VM pricing state.

- Including VMs in Servers Plan 1 triggers automatic deployment of Microsoft Defender for Endpoint (if not already deployed).

- Excluding VMs from Servers Plan 1 or Plan 2 also means exclusion from the deployment of Microsoft Defender for Endpoint (if not already deployed).

Want to learn more?

📘Link here: Protect your servers with Defender for Servers - Microsoft Defender for Cloud | Microsoft Learn

#Azure #MicrosoftDefender #Cybersecurity #CloudSecurity