I'm currently exploring how to effectively license Defender for Servers. We're running on an E-5 plan, but our licensing representative insists that we need to purchase Business Premium licenses for each server along with a Defender add-on. All of our servers are on-premises. I'm looking for validation on whether this is indeed the correct approach for licensing Defender on our servers. How are you managing it?
5 Answers
I'm not sure why they're pushing Business Premium since it's not a requirement. You only need a separate license for Defender for Servers. Remember that E5 plans include Intune, so just ensure your admin accounts have those licenses set up correctly.
Their recommendation sounds a bit odd. We went for the security add-on for our entire tenant, which might be why we were covered for everything, including enhanced reporting and features.
One option is to onboard your servers with Azure Arc and then deploy Defender for Servers directly from Azure. This way, the costs will be billed straight to your Azure subscription. Just keep an eye out for any unlicensed users accessing the servers.
That's how we handled it too.
You definitely don’t need a Business Premium license. We have separate licenses for Defender for Business clients and for servers, and we often license Intune independently as well.
There are various ways to acquire Defender for Windows Servers. If the representative is suggesting Business Premium, they might not understand the offering well. Check the differences between Defender for Business Servers and Defender for Servers using the documentation. You can also opt for Defender for Cloud, which is free in Azure, and pay for Defender for Servers at $5 or $15 per server, depending on the plan. Keep in mind, you don’t have to onboard the servers to Azure Arc unless you want to access additional features.
Just to clarify, M365 E5 includes Intune, but O365 E5 doesn't. Your admin accounts don’t actually need licenses to manage it.