• Install & Activate
  • Troubleshooting
BEST Antivirus KBS : Largest Anti-Malware Knowlegde Base and Support
  • Install & Activate
  • Troubleshooting

Microsoft Defender for Endpoint for US Government customers

/Download, Install & Active / Microsoft / Download, Install & Active / Microsoft / Microsoft Endpoint / Microsoft Defender for Endpoint for US Government customers
  • December 23, 2021
  • BEST Antivirus Staff 2
  • Microsoft / Microsoft Endpoint

Contents

  1. Licensing requirements
    1. Desktop licensing
    2. Server licensing
  2. Portal URLs
  3. Endpoint versions
    1. Standalone OS versions
    2. OS versions when using Microsoft Defender for servers
  4. Required connectivity settings
  5. API
  6. Feature parity with commercial
    1. Source : Official Microsoft Brand Editor by : BEST Antivirus KBS Team
0
(0)

Microsoft Defender for Endpoint for US Government customers, built in the Azure US Government environment, uses the same underlying technologies as Defender for Endpoint in Azure Commercial.

This offering is available to GCC, GCC High, and DoD customers and is based on the same prevention, detection, investigation, and remediation as the commercial version. However, there are some differences in the availability of capabilities for this offering.

 Note

If you are a GCC customer using Defender for Endpoint in Commercial, please refer to the public documentation pages.

Licensing requirements

Microsoft Defender for Endpoint for US Government customers requires one of the following Microsoft volume licensing offers:

Desktop licensing


DESKTOP LICENSING
GCC GCC High DoD
Microsoft 365 GCC G5 Microsoft 365 E5 for GCC High Microsoft 365 G5 for DOD
Microsoft 365 G5 Security GCC Microsoft 365 G5 Security for GCC High Microsoft 365 G5 Security for DOD
Microsoft Defender for Endpoint – GCC Microsoft Defender for Endpoint for GCC High Microsoft Defender for Endpoint for DOD
Windows 10 Enterprise E5 GCC Windows 10 Enterprise E5 for GCC High Windows 10 Enterprise E5 for DOD

Server licensing


SERVER LICENSING
GCC GCC High DoD
Microsoft Defender for Endpoint Server GCC Microsoft Defender for Endpoint Server for GCC High Microsoft Defender for Endpoint Server for DOD
Microsoft Defender for servers Microsoft Defender for servers – Government Microsoft Defender for servers – Government

Portal URLs

The following are the Microsoft Defender for Endpoint portal URLs for US Government customers:


PORTAL URLS
Customer type Portal URL
GCC https://security.microsoft.com
GCC High https://securitycenter.microsoft.us
DoD https://securitycenter.microsoft.us

 Note

If you are a GCC customer and in the process of moving from Microsoft Defender for Endpoint commercial to GCC, use https://transition.security.microsoft.com to access your Microsoft Defender for Endpoint commercial data.

Endpoint versions

Standalone OS versions

The following OS versions are supported:


STANDALONE OS VERSIONS
OS version GCC GCC High DoD
Windows 11 Yes. Yes Yes
Windows 10, version 21H1 and above Yes. Yes Yes
Windows 10, version 20H2 (with KB4586853 1) Yes. Yes Yes
Windows 10, version 2004 (with KB4586853 1) Yes. Yes Yes
Windows 10, version 1909 (with KB4586819 1) Yes. Yes Yes
Windows 10, version 1903 (with KB4586819 1) Yes. Yes Yes
Windows 10, version 1809 (with KB4586839 1) Yes. Yes Yes
Windows 10, version 1803 (with KB4598245 1) Yes. Yes Yes
Windows 10, version 1709 No.
Note: Won’t be supported
Yes With KB4499147 1
Note: Deprecated, please upgrade
No
Note: Won’t be supported
Windows 10, version 1703 and earlier No.
Note: Won’t be supported
No
Note: Won’t be supported
No
Note: Won’t be supported
Windows Server 2022 Yes. Yes Yes
Windows Server 2019 (with KB4586839 1) Yes. Yes Yes
Windows Server 2016 (Modern) 2 Yes.
Public preview
Yes
Public preview
Yes
Public preview
Windows Server 2012 R2 (Modern) 2 Yes.
Public preview
Yes
Public preview
Yes
Public preview
Windows Server 2016 (Legacy) 3 Yes. Yes Yes
Windows Server 2012 R2 (Legacy) 3 Yes. Yes Yes
Windows Server 2008 R2 SP1 (Legacy) 3 Yes. Yes Yes
Windows 8.1 Enterprise (Legacy) 3 Yes. Yes Yes
Windows 8 Pro (Legacy) 3 Yes. Yes Yes
Windows 7 SP1 Enterprise (Legacy) 3 Yes. Yes Yes
Windows 7 SP1 Pro (Legacy) 3 Yes. Yes Yes
Linux Yes. Yes Yes
macOS Yes. Yes Yes
Android No. In development No In development No In development
iOS No. In development No In development No In development

 Note

1 The patch must be deployed prior to device onboarding in order to configure Defender for Endpoint to the correct environment.

2 Learn about the unified modern solution for Windows 2016 and 2012 R2. If you have previously onboarded your servers using MMA, follow the guidance provided in Server migration to migrate to the new solution.

3 When using Microsoft Monitoring Agent you’ll need to choose “Azure US Government” under “Azure Cloud” if using the setup wizard, or if using a command line or a script – set the “OPINSIGHTS_WORKSPACE_AZURE_CLOUD_TYPE” parameter to 1.
The minimum MMA supported version is 10.20.18029 (March 2020).

OS versions when using Microsoft Defender for servers

The following OS versions are supported when using Microsoft Defender for servers:


OS VERSIONS WHEN USING MICROSOFT DEFENDER FOR SERVERS
OS version GCC GCC High DoD
Windows Server 2022 Yes. Yes Yes
Windows Server 2019 Yes. Yes Yes
Windows Server 2016 Yes. Yes Yes
Windows Server 2012 R2 Yes. Yes Yes
Windows Server 2008 R2 SP1 Yes. Yes Yes

Required connectivity settings

If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, add the domains listed in the downloadable sheet to the allowed domains list.

The following downloadable spreadsheet lists the services and their associated URLs your network must be able to connect to. Verify there are no firewall or network-filtering rules that would deny access to these URLs, or create an allow rule specifically for them.

REQUIRED CONNECTIVITY SETTINGS
Spreadsheet of domains list Description
Thumb image for Microsoft Defender for Endpoint URLs spreadsheet. Spreadsheet of specific DNS records for service locations, geographic locations, and OS.Download the spreadsheet here.

For more information, see Configure device proxy and Internet connectivity settings.

 Note

The spreadsheet contains commercial URLs as well, make sure you check the “US Gov” tabs.

When filtering, look for the records labeled as “US Gov” and your specific cloud under the geography column.

API

Instead of the public URIs listed in our API documentation, you’ll need to use the following URIs:


API
Endpoint type GCC GCC High & DoD
Login https://login.microsoftonline.com https://login.microsoftonline.us
Defender for Endpoint API https://api-gcc.securitycenter.microsoft.us https://api-gov.securitycenter.microsoft.us
SIEM https://wdatp-alertexporter-us.gcc.securitycenter.windows.us https://wdatp-alertexporter-us.securitycenter.windows.us

Feature parity with commercial

Defender for Endpoint for US Government customers doesn’t have complete parity with the commercial offering. While our goal is to deliver all commercial features and functionality to our US Government customers, there are some capabilities not yet available we want to highlight.

These are the known gaps:


FEATURE PARITY WITH COMMERCIAL
Feature name GCC GCC High DoD
Network assessments No In development No In development No In development
Network discovery Yes No In development No In development
Reports: Attack surface reduction, Device Control, Device health, Firewall No In development No In development No In development
Web content filtering No In development No In development No In development


Source : Official Microsoft Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 9 times, 1 visits today)
Tagged: MicrosoftMicrosoft for Endpoint

Related Articles

  • All about Microsoft

  • Overview of Microsoft 365 Lighthouse

  • Microsoft Defender for Business (preview) – Frequently asked questions and answers

  • Get help and support for Microsoft Defender for Business (preview)

  • Manage your custom rules for firewall policies in Microsoft Defender for Business (preview)

  • Firewall in Microsoft Defender for Business (preview)

ask or enter a search term

Top Rated Posts

5 (1)

Identity Protection – Enrolment/Registering (TotalAV)

5 (7)

[KB2885] Download and install ESET offline or install older versions of ESET Windows home products

5 (1)

Base Filtering Engine not found (Kaspersky)

5 (1)

Installing on iPhone & iPad

5 (1)

[KB7857] Set up an HTTPS/SSL connection for ESET PROTECT (8.x) Linux

About

We are BEST Antivirus , Trusted Comparison and Cheap Antivirus Software 2020. KBS is Knowledge Base and Support : This page was created to guide customers through the installation and to resolve all the common errors of anti-virus software.

Partners

› Avast
› AVG
› BitDefender
› ESET
› Trend Micro
› All Partners

Resources

› Store
› Advertise
› Brand Reviews
› Review Platforms
› Contact Page
› Knowledge Base

  • Install & Activate
  • Troubleshooting
© Copyright by BEST Antivirus by SSG Limited