Summary
Microsoft Defender products that defend endpoints play an integral role in Microsoft’s threat protection solutions, providing customers with security for their organizations. These solutions help organizations prevent, detect, investigate, and respond to advanced threats. Customers can obtain the products through user- and server-based subscription licenses. Customers can also consume server protection through Microsoft Defender for Cloud.
This guidance provides clarity on device entitlements under Microsoft Defender licenses. It does not introduce new terms or supplement existing ones but offers insight into this topic and explains the intent of existing guidance.
Applicable products
This guidance applies to the following products:
User subscription licenses
|
Product |
Overview |
|---|---|
|
Microsoft Defender for Vulnerability Management |
Microsoft Defender for Vulnerability Management delivers continuous asset discovery and inventory in a consolidated view, performs intelligent assessments using Microsoft threat intelligence, prioritizes based on risk, and includes built-in remediation and mitigation flows. |
|
Microsoft Defender Vulnerability Management Add-on |
Customers who have Defender for Endpoint P2 can get the Microsoft Defender Vulnerability Management Add-on, which includes consolidated inventories, expanded asset coverage, and enhanced assessment and mitigation tools. |
|
Microsoft Defender for Business |
Defender for Business delivers an enterprise-grade, AI-powered security solution built especially for small and medium-sized businesses (up to 300 employees). It helps protect your company’s devices from ransomware, malware, phishing, and other cyberthreats. |
|
Microsoft Defender for Endpoint P1
|
Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry-leading antimalware, cyberattack surface reduction, and device-based conditional access. Customers who use Microsoft 365 E3 also receive this offering. |
|
Microsoft Defender for Endpoint P2 |
Microsoft Defender for Endpoint P2 offers all the capabilities in P1, plus endpoint detection and response, automated investigation and incident response, and cyberthreat and vulnerability management. Also available with Microsoft 365 E5. |
Server subscription licenses
|
Product |
Overview |
|---|---|
|
Microsoft Defender for Endpoint for servers |
Defender for Endpoint for servers is for server protection and offers all the same capabilities as Defender for Endpoint P2. |
|
Microsoft Defender Vulnerability Management Add-On to Microsoft Defender for Endpoint for servers |
This add-on SKU provides advanced vulnerability management capabilities beyond the capabilities Microsoft includes in Defender for Endpoint for servers. |
|
Microsoft Defender for Business for servers (Subscription License) |
Microsoft Defender for Business for servers is an add-on to Defender for Business that enables you to secure your server operating systems with the same protection that Defender for Business provides for client devices. |
Server consumption-based licenses
|
Product |
Overview |
|---|---|
|
Microsoft Defender for Servers P1 |
Defender for Server P1 offers all the same capabilities as Defender for Endpoint for servers. Microsoft licenses and prices it based on consumption. |
|
Microsoft Defender for Servers P2 |
Defender for Servers P2 builds on Defender for Servers P1 with additional capabilities for multi-cloud server environments. Microsoft licenses and prices it based on consumption. |
Licensing models
User subscriptions
You can license protection for client and mobile devices on a user subscription basis through commercial licensing programs such as the Microsoft Cloud Agreement (MCA) or Microsoft Enterprise Agreement (EA). Assign a User Subscription License to the account for any user whose devices you want to protect. [View related Product Terms]
Server subscriptions
You can license server protection on a subscription basis through commercial licensing programs such as the Microsoft Cloud Agreement (MCA) or Microsoft Enterprise Agreement (EA). Assign a separate Subscription License to each physical or virtual server (defined as “each OSE” in the Product terms) you want to protect. [View related Product Terms]
Server consumption
You can also license the protection of servers on a consumption basis through Microsoft Defender for Cloud.
Product-specific provisions
Protecting the licensed user’s devices
For applicable Microsoft Defender products, each User Subscription License (SL) allows you to protect up to five client and/or mobile devices that your organization designates for the Licensed User's use. These may be personal devices or devices your organization provides. (Servers require server-based licensing)
You can change the specific devices being protected, as long as you protect no more than five of the licensed user’s devices at any given time. If a user needs protection for more than five devices simultaneously, you can purchase additional User Subscription Licenses.
Subscription option for advanced Defender capabilities
You can license all the advanced Defender capabilities for your Microsoft 365 Business Premium users by adding the Microsoft Defender Suite for Business Premium. You can also include advanced Microsoft Purview capabilities by adding the combined Microsoft Defender and Purview Suites for Business Premium.
Frequently asked questions
Refer to the FAQ page.
