Microsoft’s new unified Defender for Endpoint solution for Windows Server 2012 R2 and Windows Server 2016 is now generally available.
According to Microsoft, this adds new prevention, detection and response capabilities to Defender for Endpoint on those versions that were previously only available on Windows Server 2019 and later.
The new unified Defender reduces complexity by removing dependencies and installation steps while standardizing capabilities and functionality with a high level of parity with Defender for Endpoint on Windows Server 2019, Microsoft says.
That means all environment requirements around connectivity are the same, allowing admins to use the same Group Policy, PowerShell commands and Endpoint Configuration Manager to manage configuration. It does not use or require the installation of the Microsoft Monitoring Agent, the company says.
In an October 2021 blog post announced the public preview, Microsoft says ransomware attackers often leverage older machines with older operating systems, making it difficult for modern endpoint detection tools to catch those attacks in progress. Microsoft says it modeled across the MITRE tactics to give the revamped solution the best chance of early detection.
The new Defender for Endpoint for Windows Server 2012 R2 and 2016 now include the ability to monitor signs of entry via publicly facing services, enhanced memory protection to help identify credential theft activities, improved user logon activity for better mapping of lateral movement and tampering protection to prevent ransomware from impacting servers.
Admins can apply the latest updates to benefit from these improvements, and Automated deployment and integration of the new solution with Microsoft Defender for Cloud is now available to try with the new Microsoft Defender for Server P1 offering, the company says.
Customers with machines on the existing Microsoft Defender for Server (now labeled P2) offering will be able to start gradually upgrading from the current, MMA-based solution, in the following week, Microsoft says.