The Microsoft Defender ATP team is thrilled to announce Microsoft Defender Advanced Threat Protection (ATP) for Linux.
The new Linux GA support in Microsoft Defender ATP makes the product commercially available across multiple platforms (Windows, macOS and Linux), with Android and iOS commercial support yet to come.
Microsoft Defender ATP now supports the following Linux Server distros, per Microsoft’s announcement:
- RHEL 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SLES 12+
- Debian 9+
- Oracle Linux 7.2
Adding Linux into the existing selection of natively supported platforms by Microsoft Defender ATP marks an important moment for all our customers. It makes Microsoft Defender Security Center a truly unified surface for monitoring and managing security of the full spectrum of desktop and server platforms that are common across enterprise environments (Windows, Windows Server, macOS, and Linux).
Minimum kernel version 3.10.0-327. Required disk space is 650 MB.
The solution currently provides real-time protection for the following file system types: btrfs, ecryptfs, ext2, ext3, ext4, fuse, fuseblk, jfs, nfs, overlay, ramfs, reiserfs, tmpfs, udf, vfat and xfs.
IT pros need to have a beginner experience level in “Linux and Bash scripting” to install Microsoft Defender ATP for Linux, per Microsoft’s documentation. Microsoft Defender ATP for Linux “can be deployed and configured using Puppet, Ansible, or using your existing Linux configuration management tool,” Microsoft’s announcement explained.
The announcement included a terse note that Microsoft Defender ATP for Linux “requires the Microsoft Defender ATP for Servers license” without further elaboration. Organizations likely will have to talk with a Microsoft Cloud Solution Partner to get the fine print.