Hi @milo last , Defender for Endpoint and Defender for Servers both provide endpoint protection, but they have different features and capabilities. Defender for Endpoint is a cloud-based solution that provides advanced endpoint protection, including endpoint detection and response (EDR) capabilities. It requires an internet connection to function properly. On the other hand, Defender for Servers is an on-premises solution that provides endpoint protection for servers. It does not require an internet connection to function properly.
If your servers have no connectivity to the internet, Defender for Servers would be the better choice for you. It provides endpoint protection for servers without requiring an internet connection. However, if you have some servers that can connect using a proxy, you can use Defender for Endpoint for those servers.
It's important to note that if you choose Defender for Servers, you will not have access to the advanced EDR capabilities provided by Defender for Endpoint. However, Defender for Servers does provide basic endpoint protection for servers, including antivirus and antimalware protection.
If you have servers with no internet connectivity, Defender for Servers would be the better choice for you. If you have some servers that can connect using a proxy, you can use Defender for Endpoint for those servers.
Please let me know if you have any questions and I can help you further.
If this answer helps you please mark "Accept Answer" so other users can reference it.
Thank you,
James