I understand now. MDFC is a subscription-level service. Most of the settings cannot be scoped or excluded on specific resources. In this example, you want to limit MDE onboarding to a single VM. I recommend leaving this turned off in MDFC. You can onboard individual servers and devices using MDE's own onboarding tools. That option was added for scenarios like this.
Integrating Defender for Endpoint with Defender for Cloud by server not by Subscription
mara7
161
Reputation points
Please give me a guide on how to integrate Defender for Endpoint and Defender for Cloud by server, not by subscription.
Do I need to set "Vulnerability Machine needs to be installed" in policy mdc to integrate with mde?
I'm trying to integrate using policy settings.
Accepted answer
-
Andrew Blumhardt 9,831 Reputation points Microsoft Employee
2023-08-02T12:39:39.0333333+00:00
1 additional answer
Sort by: Most helpful
-
Rafael Khokhar (MSFT) 0 Reputation points Microsoft Employee
2024-04-15T16:28:01.8266667+00:00 Hi @mara7 & @Andrew Blumhardt this feature request has recently been fixed and can now be achieved: https://video2.skills-academy.com/en-us/azure/defender-for-cloud/tutorial-enable-servers-plan#enable-defender-for-servers-at-the-resource-level