Looking for some assistance, we have onboarded 2012 through to 2022 servers via MDE into Defender for Servers and the devices are all visible within the Device list on the security portal. Issue I’m have is that if we try and create a baseline assessment policy against any of the server groups, even with no filtering in place, it is only picking up a small handful of the devices.  I’m extracted all the devices for all the OS versions and ran various pivots to try and get a match on numbers to see if there was any common ground as to what was being detected. 

Any suggestions as I don’t want to just enable it without knowing what servers are being looked at.

​Looking for some assistance, we have onboarded 2012 through to 2022 servers via MDE into Defender for Servers and the devices are all visible within the Device list on the security portal. Issue I’m have is that if we try and create a baseline assessment policy against any of the server groups, even with no filtering in place, it is only picking up a small handful of the devices.  I’m extracted all the devices for all the OS versions and ran various pivots to try and get a match on numbers to see if there was any common ground as to what was being detected.  Any suggestions as I don’t want to just enable it without knowing what servers are being looked at.   Read More

​