Skip to main content Link Menu Expand (external link) Document Search Copy Copied
TechWorkshop L300 Understanding XDR

Task 02: Onboard the VM to MDE

  1. In the Azure Portal search box, search for and select Microsoft Defender for Cloud.

  2. On the leftmost pane, select Management > Environment settings.

  3. Expand the Environment until your subscription is visible and then select it.

    OnboardingVM-12.png

  4. Under Cloud Workload Protection (CWPP), ensure Defender for Servers is On.

    If not already, set to On.

    OnboardingVM-1.png

  5. On the Servers plan, under Monitoring coverage, select Settings >.

    If necessary, select Cancel if prompted to disable Agentless scanning for machines.

    OnboardingVM-1.5.png

  6. On the Settings & monitoring page, verify that Endpoint protection is set to On.

    OnboardingVM-2.png

  7. Near the top of the page, select Continue.

  8. Near the top of the Defender plans page, select Save.

    The above step will automatically deploy the MDE sensor/extension to supported Windows machines in the subscription.

    Wait up to 1 hour for the VM to appear in MDE/XDR by navigating to security.microsoft.com