Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article describes the requirements for Defender for Business.
What to do
Review the requirements
The following table lists the basic requirements you need to configure and use Defender for Business.
| Requirement | Description |
|---|---|
| Subscription | Microsoft 365 Business Premium or Defender for Business (standalone). For more information, see How to get Defender for Business. |
| Datacenter | One of the following datacenter locations:
|
| User accounts |
To get help with this task, see Add users and assign licenses. |
| Permissions | To use the Microsoft Defender portal to view or manage devices and security policies, users must have an appropriate role assigned in Microsoft Entra ID:
To learn more, see Roles and permissions in Defender for Business. |
| Browser | Microsoft Edge or Google Chrome |
| Client computer operating system | To manage devices in the Microsoft Defender portal, your devices must be running one of the following operating systems:
Make sure that KB5006738 is installed on the Windows devices. |
| Mobile devices | To onboard mobile devices, such as iOS or Android OS, you can use Mobile threat defense capabilities or Microsoft Intune. For more information about onboarding devices, including requirements for mobile threat defense, see Onboard devices to Microsoft Defender for Business. |
| Server license | To onboard a device running Windows Server or Linux Server, you need another license, such as Microsoft Defender for Business servers (see note 1 below). |
| Server requirements | Windows Server endpoints must meet the requirements for Defender for Endpoint, and enforcement scope must be turned on.
Linux Server endpoints must meet the prerequisites for Microsoft Defender for Endpoint on Linux. |
Note
To onboard servers, we recommend using Microsoft Defender for Business servers. Alternately, you could use Microsoft Defender for Servers Plan 1 or Plan 2. For more information, see Onboard devices to Microsoft Defender for Business.
Microsoft Entra ID is used to manage user permissions and device groups. Microsoft Entra ID is included in your Defender for Business subscription.
- If you don't have a Microsoft 365 subscription before you start your trial, Microsoft Entra ID is provisioned for you during the activation process.
- If you do have another Microsoft 365 subscription when you start your Defender for Business trial, you can use your existing Microsoft Entra service.
Security defaults are included in Defender for Business. If you prefer to use Conditional Access policies instead, you need Microsoft Entra ID P1 or P2 (P1 is included in Microsoft 365 Business Premium). For more information, see Multifactor authentication in Microsoft 365.
Next steps
- If you don't already have Defender for Business, see Get and provision Microsoft Defender for Business.
- If you're starting a trial subscription, see the Trial user guide: Microsoft Defender for Business.
- If you're ready to set up Defender for Business for your organization, see Set up and configure Microsoft Defender for Business.