Microsoft Defender for Endpoint and Microsoft Intune serve different purposes. The first protects endpoints from cyber threats like viruses, malware, ransomware, and phishing attacks, and the second is a management console that helps you control and configure your devices.
To summarize, both are Microsoft products and offer seamless integration with other Microsoft tools. Microsoft Defender for Endpoint helps secure your devices from cyber threats and Microsoft Intune helps manage and configure various devices within your organization.
"We have just started to implement it. It is useful for protection from malware and ransomware."
"Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically."
"It automatically detects intrusion and malware."
"Its threat intelligence feature is beneficial. This solution smoothly integrates with SIEM."
"Its real-time security is the most valuable."
"It's stable."
"It's free. There is no additional cost. It's part of Windows."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"Intune provides full visibility into all active mobile device users. If their devices are noncompliant with our security policies, I have the flexibility to update them remotely."
"It provides control over all mobile devices that are being connected to the corporate network."
"The central administration con dashboard is very easy to use and provides very good oversight on all that needs to be monitored."
"The one feature we find most useful is the Mobile Application Manager. There are two types, we have the complete MDM and the Mobile Application Manager(MAM). We don't give our users phones, it is their own personal phone, and we need to allow them to have access to the company detail on their phone. We need to create a balance between their own personal data and the company data. We deploy the Mobile Application Manager for them so that we won't be able to interfere with their own personal data."
"The security-related tools are excellent; these features allow us to secure devices, lock them down, and ensure compliance."
"Among the most valuable features are the Company Portal that is built into Intune, and the update rings so that we can manage what types of future updates the devices get."
"Its direct integration with all the other products that we have from Microsoft is valuable. We're using the E5 license, and we have a whole wealth of different products available. It just makes it easier to have everything from one provider."
"I can reach devices or computers over the internet. I don't need to worry about the network connectivity between the offices. I can manage any device. That is the most important part."
"The central management console should be improved because it provides limited options to configure Windows Defender."
"The scanning is slow when it is working with incoming emails."
"Phishing and Malware detection could be better."
"In India at least, it seems to be a bit more expensive than other options."
"The automation could be simpler on the mitigation side. It has a learning curve. Otherwise, it's pretty easy."
"I would like to see online updates for patches for this solution. I would also like to see online information about what is trending in the market in terms of spams, viruses, or trojans. It takes some time to understand how this solution works. A few things are unclear at the beginning, such as whether it actually restricts the virus or spam at the initial stage, or when there is a security update, how will we come to know and how will it get synchronized. It would be really helpful if there is some kind of knowledge base in the form of video, audio, or document that can explain in a user-friendly way the setup, features, risks, and process to mitigate the risks. Currently, I have installed endpoint security for every individual system. I could not install it like other endpoint solutions where we have a server and a client. It would be really helpful if Microsoft Windows Defender has a server-client based model so that I can save some bandwidth when it downloads or uploads features. It will be helpful if we have a LAN-based or WAN-based controlling system."
"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"One area for improvement is app deployment. Another is the Windows update rollout. If you're rolling out an object to a device that's offline, Intune stops trying to reach this device after it sits idle for a bit. We are forced to find a workaround that could help manage that."
"There can be some added features, such as an improved dashboard. Any new feature that could be a benefit to our customers would be good."
"Intune has some limitations when it comes to application updates for third-party applications. You can schedule an update, but when it's a package setup, you need to supercede and replace it each time."
"The installation could be improved to be simplified."
"It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution."
"Technical support is not that great."
"Intune lags all of its competitors in terms of report generation."
"Microsoft Intune has a latency response time issue. The latency has room for improvement."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 5th in Microsoft Security Suite with 182 reviews while Microsoft Intune is ranked 3rd in Microsoft Security Suite with 165 reviews. Microsoft Defender for Endpoint is rated 8.0, while Microsoft Intune is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, Microsoft Entra ID and AWS Systems Manager. See our Microsoft Defender for Endpoint vs. Microsoft Intune report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
In recent years Microsoft has really upped its game with Defender and Intune. As core cyber-security for an SME, keeping just to Microsoft is now a real option. The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.
Azure AD Services, Defender for Endpoint, and Intune are all Microsoft products, but it is important to understand how each product works as they may not be compatible and there may be some limitations.
Devices managed through Intune may not have all of the Defender for Endpoint features. Some advanced features such as automated investigation and remediation may only be available for devices that are enrolled in Defender for Endpoint standalone.
In addition, Azure AD and Intune have different requirements for device enrollment and management. Intune requires devices to be enrolled and managed through an MDM solution, while Azure AD provides basic device management capabilities but may not support all of the features available in Intune.
Lastly, there may be limitations to how user identities and access are managed between Azure AD and Intune. Some features that are available in Azure AD, such as conditional access policies, may not suit Intune, and additional configuration may be required to ensure that user identities and access are properly managed across both services.
If anyone out there has other experiences, please let me know!
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.
1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.
2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.
3. You can still use autopilot using both of these approaches.
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.
There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...
But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.
Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...