This was required as the EDR sensor wasn’t built-in, unlike with Server 2019. To get devices into MDE, you had to deploy the Microsoft Monitoring Agent (MMA).
The onboarding process was also different. Previously, as detailed in Understanding Microsoft Defender for Endpoint and How It Protects Your Data on Petri and here on my own blog, there was a large feature gap between Windows Server 2019 and these “down-level” OSs. With the public preview, Windows Server 2012 R gain ‘ functional equivalence‘ to Windows Server 2019, thanks to a new agent that is being described as the ‘unified solution’. I then made sure the antivirus was set to do real time scanning, a quick scan every night, and "check for signatures" before each scan.New protection capabilities for Microsoft Defender for Endpoint (MDE) customers landed in public preview, Oct 7th 2021, for Windows Server 2012 R2 and Windows Server 2016. The remove the the local admin from having full control, then put the owner back to "SYSTEM." Note: in order to change that key, I had to temporarily change ownership of the "Signature Updates" node to something like the local administrators account I was logged in as, allow "full control" for that account, make the change, (You might have to move away from the key and come back, or close and reopen regedit so you can change the key with your new permissions.) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Signature Updates To fix that, I went to the registry and changed the key
I think the software assumes you will be pushing the updates via SCCM. This was ok at first, but the antivirus signatures were not updating. You should get an update to the latest 4.10 version. In windows update, check the box for "allow checking for other Microsoft products" and run windows update. I could only find the 4.7 client install. Run the installer, it shows up as "System Center 2012 Endpoint Protection" \SMSSETUP\CLIENT of the downloaded bundle So that you can extract the antivirus installer from it: The normal licenses that cover Windows 10 and other client endpoints don't apply to servers. This is not an approved method, but it seems to be working for me.įirst make sure you have purchased additional server licenses for antivirus. Run into the same issue where I've got a few older servers that I onboarded into Defender and then realized that was just alerting and telemetry, not a real antivirus.
0 kommentar(er)
