We use Microsoft Defender for endpoints on our physical workstations. I’m now looking at it for our servers. The servers are currently using SCCM to configure, update, and report, but its lacking compared to what you get with ATP and Microsoft security center.

I’ve created an onboard package in SCCM and created the necessary firewall rules to allow the servers to access defender sites. Here are links I’ve been using to get things setup. My first manual onboarding and setup is going well, now to scale out.
Microsoft Defender for Endpoint – Configuration Manager | Microsoft Learn
Server migration scenarios for the new version of Microsoft Defender for Endpoint | Microsoft Learn
Onboarding using Microsoft Configuration Manager | Microsoft Learn