Has anyone had any experience deploying the Defender for Endpoint onboarding package into a purely on-prem environment?
Can you manage Defender on those PCs via Intune after it's installed and it's reporting? The MS doco isn't quite clear in this scenario (although I could have missed it), and my environment isn't mature enough to have PCs that are Entra joined.
Thanks!
Depends on licensing. There are 2 options for on-prem, discarding co-management and Intune workloads.
We deployed the onboarding package via Config Mgr, and we have AM and ASR rules set up and deployed via CM as well. We also have most of our Prod systems managed via MDE, as it offers greater granularity with policies.
Side note: Server 2012/16 require additional steps for the MDE agent, but both scenarios still apply once the agent is installed/updated.