Skip to content

Docs: Recommend Defender for Servers Plan 2 as preferred server onboarding option#505

Open
jongABCDsudo-rm-rf wants to merge 1 commit into
MicrosoftDocs:publicfrom
jongABCDsudo-rm-rf:docs/recommend-defender-for-servers-p2
Open

Docs: Recommend Defender for Servers Plan 2 as preferred server onboarding option#505
jongABCDsudo-rm-rf wants to merge 1 commit into
MicrosoftDocs:publicfrom
jongABCDsudo-rm-rf:docs/recommend-defender-for-servers-p2

Conversation

@jongABCDsudo-rm-rf

@jongABCDsudo-rm-rf jongABCDsudo-rm-rf commented May 8, 2026

Copy link
Copy Markdown

Adds an explicit recommendation in the "Server plans" section of defender-endpoint/onboard-server.md identifying Microsoft Defender for Servers Plan 2 as the preferred onboarding option for server workloads

Today the article lists three valid licensing options without indicating which one Microsoft recommends for typical scenarios:

  • Microsoft Defender for Servers Plan 1 or Plan 2 (Defender for Cloud)
  • Microsoft Defender for Endpoint for servers
  • Microsoft Defender for Business servers

Customers and partners frequently default to the standalone "Microsoft Defender for Endpoint for servers" SKU on the assumption it is functionally equivalent to Defender for Servers Plan 2, missing capabilities that are specific to Plan 2.

This guidance is already implied across azure/defender-for-cloud/defender-for-servers-overview.md and azure/defender-for-cloud/plan-defender-for-servers-select-plan.md, but it is not surfaced on the Defender for Endpoint server onboarding entry-point article that most readers land on first.

Related

  • /azure/defender-for-cloud/defender-for-servers-overview
  • /azure/defender-for-cloud/plan-defender-for-servers-select-plan
  • /defender-endpoint/minimum-requirements

@learn-build-service-prod

Copy link
Copy Markdown
Contributor

Learn Build status updates of commit 20c7e45:

✅ Validation status: passed

File Status Preview URL Details
defender-endpoint/onboard-server.md ✅Succeeded

For more details, please refer to the build report.

@v-dirichards

Copy link
Copy Markdown
Contributor

@paulinbar

Can you review the proposed changes?

Important: When the changes are ready for publication, adding a #sign-off comment is the best way to signal that the PR is ready for the review team to merge.

#label:"aq-pr-triaged"
@MicrosoftDocs/public-repo-pr-review-team
#assign: @paulinbar

@prmerger-automator prmerger-automator Bot added the aq-pr-triaged Tracking label for the vendor PR Review team label Jul 8, 2026
@prmerger-automator

Copy link
Copy Markdown
Contributor

@jongABCDsudo-rm-rf : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change.

@prmerger-automator

Copy link
Copy Markdown
Contributor

@jongABCDsudo-rm-rf : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the Defender for Endpoint server onboarding entry point to explicitly recommend Microsoft Defender for Servers Plan 2 (via Microsoft Defender for Cloud) as the preferred licensing/onboarding path for most server workloads, helping readers avoid choosing the standalone Defender for Endpoint for servers offer by default.

Changes:

  • Adds a new TIP in the Server plans section recommending Defender for Servers Plan 2 as the default choice for most organizations.
  • Summarizes why Plan 2 is preferred and points readers to Defender for Servers plan feature-comparison documentation.
  • Clarifies when standalone server licensing options are still appropriate alternatives.

Comment on lines +43 to +45
> For most organizations, Microsoft recommends onboarding servers through **Microsoft Defender for Servers Plan 2** as part of [Microsoft Defender for Cloud](/azure/defender-for-cloud/defender-for-servers-overview). Plan 2 includes the same Defender for Endpoint server protection capabilities as the standalone "Microsoft Defender for Endpoint for servers" SKU, and adds capabilities specific to server workloads: agentless vulnerability, malware, and secrets scanning; file integrity monitoring; just-in-time machine access; regulatory compliance assessment; premium Microsoft Defender Vulnerability Management; OS configuration assessment against the Microsoft Cloud Security Benchmark; and a free 500 MB/day data ingestion allowance per protected machine. Defender for Cloud also automatically onboards the Defender for Endpoint extension to supported Azure VMs and Azure Arc-enabled machines, removing the need for per-machine onboarding scripts. For a feature comparison, see [Defender for Servers plan features](/azure/defender-for-cloud/defender-for-servers-overview#plan-protection-features).
>
> If you have a specific reason not to use Defender for Cloud (for example, fully air-gapped environments or workloads under a separate licensing perimeter), the standalone *Microsoft Defender for Endpoint for servers* SKU and *Microsoft Defender for Business servers* are valid alternatives.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants