We performed a comparison between Microsoft Defender for Endpoint and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it."
"The EDR feature is most valuable."
"Technical support has been great."
"The antivirus features are very useful."
"It doesn't cause the slowness of the system, which is one of the reasons why I like it."
"Microsoft Defender is always running. It is doing its job, so it is fine. I don't have any issues with the way it was implemented or how we are running it. We have been upgrading IT throughout the years, but there have been no issues."
"The stability keeps getting better and better."
"It is quite stable. We have not had any cases, i.e., viruses, that would require a reboot, etc. We have never had a situation where we needed to reinstall the tools as a result of the Defender application or a feature being corrupt."
"It is a really nice tool and we have a license for the more complex model."
"For some applications, it's not only working for authentication but it's also being used to apply roles for users. From the management perspective, it's much better to have this because in the past we constantly needed to go into the console of the different solutions and create or delete users or modify their roles and permissions. Now, with Azure Active Directory, we can do that from a single point. That makes our management model much easier."
"The security and compliance features are very helpful. The online information on the site is well documented."
"The most valuable feature is the ability to set up conditional access, where you can enforce users to connect using multifactor authentication."
"It's not intuitive and we use it mainly for our Office 365 files. The integration between the two is interesting. However, the learning curve is high."
"Azure Active Directory provides us with identity-based authentication, which secures access at the user level and also integrates with conditional access policies and multi-factor authentication helping to increase the identity security for that person. So, the hacking and leaking of passwords is a secondary problem because you will not authenticate a person with one factor. There is a second factor of authentication available to increase the security premise for your company."
"I like Azure AD's conditional access policies. Microsoft Entra provides a single pane of glass for managing user access, improving the overall user experience."
"The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD."
"Some of the integrations that Defender should include involve the use of the web app."
"I would like MDE to have the ability to isolate a certain amount of time on the timeline."
"We encountered some misbehavior between Microsoft Office Suite and Defender. We had issues of old macros being blocked and some stuff going around the usage of Win32 APIs. There is some improvement between the Office products and Defender, and there is a bunch of stuff that you can configure in your antivirus solutions, but you have several baselines, such as security baselines for Edge, security baselines for Defender, and security baselines for MDM. You have configuration profiles as well. So, there a lot of parts where we can configure our antivirus solution, and we're getting conflicting configurations. This is the major part with which we're struggling in this solution. We are having calls and calls with Microsoft for getting rid of all configuration conflicts that we have. That's really the part that needs to be improved."
"The time to generate certain alerts on our dashboard can take between 45 minutes to an hour, and I am unsure of the factors that influence this duration."
"There is a lot of information to take in, and the portals tend to change quickly due to the fast-paced nature of the industry."
"The central management console should be improved because it provides limited options to configure Windows Defender."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"If they integrate with the EDR then it will benefit this solution."
"The scalability of the solution is good."
"There are issues using it with ADFS."
"ESAE management, especially the admin tools, could be improved. It should be built in by the vendor, and I shouldn't have to add patches or updates to connect to my domain directly. It should be added by default. The price could be better."
"Compatibility features for legacy system integration with new features will be challenging at times."
"Sometimes, what one customer may like, another may not like it. We have had customers asking, "Why is Microsoft forcing us to do this?" For example, when you use Exchange Server on-premise, then you can customize it for your company and these customizations are unlimited. However, if you use Exchange Online or with Microsoft 365, then your ability to make modifications is limited. So, only the cloud versus is limited."
"I would like to be able to authenticate Wi-Fi users using the Azure ID"
"In a hybrid deployment, when we update a license by changing the UPN or email address of a user, it does not get updated automatically during normal sync. This means that we have to update it manually from Azure, which is something that needs to be corrected."
"Be aware that it may not work perfectly globally yet. There are still glitches with the solution in Africa."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 5th in Microsoft Security Suite with 182 reviews while Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews. Microsoft Defender for Endpoint is rated 8.0, while Microsoft Entra ID is rated 8.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Cortex XDR by Palo Alto Networks, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Cisco Duo and Yubico YubiKey. See our Microsoft Defender for Endpoint vs. Microsoft Entra ID report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
In recent years Microsoft has really upped its game with Defender and Intune. As core cyber-security for an SME, keeping just to Microsoft is now a real option. The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.
Azure AD Services, Defender for Endpoint, and Intune are all Microsoft products, but it is important to understand how each product works as they may not be compatible and there may be some limitations.
Devices managed through Intune may not have all of the Defender for Endpoint features. Some advanced features such as automated investigation and remediation may only be available for devices that are enrolled in Defender for Endpoint standalone.
In addition, Azure AD and Intune have different requirements for device enrollment and management. Intune requires devices to be enrolled and managed through an MDM solution, while Azure AD provides basic device management capabilities but may not support all of the features available in Intune.
Lastly, there may be limitations to how user identities and access are managed between Azure AD and Intune. Some features that are available in Azure AD, such as conditional access policies, may not suit Intune, and additional configuration may be required to ensure that user identities and access are properly managed across both services.
If anyone out there has other experiences, please let me know!
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.
1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.
2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.
3. You can still use autopilot using both of these approaches.
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.
There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...
But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.
Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...