check before: 2025-04-23
Product:
Defender, Defender for Identity, Defender XDR, Entra
Platform:
Online, US Instances, World tenant
Status:
Change type:
Admin impact, New feature, Updated message
Links:
Details:
Summary:
Deploy the new Defender for Identity sensor on Microsoft Entra Connect servers. The classic sensor is now available, enhancing visibility and security for hybrid identity environments. This update is available globally, and organizations should install the sensor for comprehensive monitoring and threat detection. No admin action is required before the rollout.
Details:
Updated May 8, 2025: We have updated the content. Thank you for your patience.
We are excited to announce the support of the Microsoft Defender for Identity classic sensor on Microsoft Entra Connect servers. This addition expands Defender for Identity's coverage across hybrid identity environments, providing enhanced visibility and security for these critical assets.
[When this will happen:]
General Availability (Worldwide, GCC, DoD): Available now.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-04-23
updated:
2025-05-09
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft has updated its Defender for Identity service to include a classic sensor for Microsoft Entra Connect servers, enhancing threat detection in hybrid identity environments without requiring initial action from administrators.
Direct effects for Operations**
Deployment of New Defender for Identity Sensor
The automatic deployment of the new Defender for Identity sensor may lead to unexpected changes in system performance and user experience, as the sensor begins monitoring authentication activities. Users may experience temporary slowdowns or disruptions during the initial monitoring phase.
- roles: IT Administrators, End Users
- references: https://learn.microsoft.com/defender-for-identity/deploy/active-directory-federation-services, https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/protect-and-detect-microsoft-defender-for-identity-expands-to-entra-connect-serv/4226165
Increased Monitoring and Alerts
With the new sensor, there may be an increase in alerts and notifications related to authentication activities, which could overwhelm IT support teams and lead to user frustration if not properly managed. Users may receive more frequent security prompts or notifications.
- roles: IT Support Staff, End Users
- references: https://learn.microsoft.com/defender-for-identity/deploy/active-directory-federation-services, https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/protect-and-detect-microsoft-defender-for-identity-expands-to-entra-connect-serv/4226165
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-05-09 | MC Messages | We are excited to announce the new Microsoft Defender for Identity sensor for Microsoft Entra Connect servers. This addition expands Defender for Identity's coverage across hybrid identity environments, providing enhanced visibility and security for these critical assets.
[When this will happen:] General Availability (Worldwide, GCC, DoD): Available now. | Updated May 8, 2025: We have updated the content. Thank you for your patience.
We are excited to announce the support of the Microsoft Defender for Identity classic sensor on Microsoft Entra Connect servers. This addition expands Defender for Identity's coverage across hybrid identity environments, providing enhanced visibility and security for these critical assets. [When this will happen:] General Availability (Worldwide, GCC, DoD): Available now. |
| 2025-05-09 | MC MessageTagNames | New feature, Admin impact | Updated message, New feature, Admin impact |
| 2025-05-09 | MC How Affect | With the Defender for Identity sensor now available for Entra Connect servers, organizations gain deeper insights into hybrid identity threats. Deploying this sensor allows for more comprehensive monitoring of authentication activities, helping to detect and mitigate potential identity attacks targeting your infrastructure. We strongly recommend installing the Defender for Identity sensor on all Entra Connect servers.
Deploy Defender for Identity sensor for Entra Connect server: New posture recommendations for Entra Connect servers: This change is available by default. | With the Defender for Identity classic sensor now available for Entra Connect servers, organizations gain deeper insights into hybrid identity threats. Deploying this sensor allows for more comprehensive monitoring of authentication activities, helping to detect and mitigate potential identity attacks targeting your infrastructure. We strongly recommend installing the Defender for Identity classic sensor on all Entra Connect servers.
Deploy Defender for Identity classic sensor for Entra Connect server: New posture recommendations for Entra Connect servers: This change is available by default. |
| 2025-05-09 | MC Last Updated | 04/23/2025 05:44:34 | 2025-05-08T18:11:35Z |
| 2025-05-09 | MC Summary | Deploy the new Microsoft Defender for Identity sensor on Microsoft Entra Connect servers to enhance visibility and security in hybrid identity environments. This feature is now generally available and provides deeper insights into identity threats. Review your configuration and notify users as needed. | Deploy the new Defender for Identity sensor on Microsoft Entra Connect servers. The classic sensor is now available, enhancing visibility and security for hybrid identity environments. This update is available globally, and organizations should install the sensor for comprehensive monitoring and threat detection. No admin action is required before the rollout. |
Last updated 5 days ago
