Hi,
My servers 2016 and 2019, are onboarded via Azure Security Center. At the same time, I also install MMA and add MDE/MDATP workspace ID.
Would it be an issue?
If there is a malware/threat detection, which portal will give the alert?
Hi,
My servers 2016 and 2019, are onboarded via Azure Security Center. At the same time, I also install MMA and add MDE/MDATP workspace ID.
Would it be an issue?
If there is a malware/threat detection, which portal will give the alert?
@AxDJones-1189 Thanks for reaching out.
If you have already onboarded the servers using azure security center, the Microsoft defender endpoint gets configured automatically. Even if you have did that manually, there should not be any problem.
MDATP portal gives you a more broader view of threat and all the relevant information to investigate any incident deeply.
Alerts will be first raised on MDATP portal and then synced to azure security center.
Azure security center will provide you a kind of centralized place for all alerts from different resources.
For investigating in detail you will need to come to the Microsoft defender portal to utilize the power of intelligence security graph.
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
Hi @vipulsparsh-MSFT ,
Understood about it. Thanks for the answer and explains clearly.
5 people are following this question.