We are a government organization, and we use Microsoft Defender for Endpoint Protection.
We also use it for vulnerability scanning and assessment, which is very useful.
We are a government organization, and we use Microsoft Defender for Endpoint Protection.
We also use it for vulnerability scanning and assessment, which is very useful.
Microsoft Defender for Endpoint is a robust platform. The endpoint detection response is quite good.
Some executive reporting is inefficient, and we're looking into ways to improve it.
In the next release, I would like to see better management reporting.
I have been working with Microsoft Defender for Endpoint for two years.
Microsoft Defender for Endpoint is a stable solution.
Microsoft Defender for Endpoint is definitely scalable.
Technical support is quite good.
Previously, we didn't work with anything as sophisticated. We used a pretty old-style endpoint detection response.
On new devices, the initial setup is quite easy, while some of the older devices had some issues unpicking the old EDR product that had nothing to do with Defender.
Pricing can always be lower.
To achieve the best results holistically, consider the total cost of ownership of the Microsoft suite of products.
I would rate Microsoft Defender for Endpoint a seven out of ten.
Our clients use it for antivirus and anti-malware purposes.
It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal.
Normally, we implement the attack surface reduction (ASR) rules and exploit protections. We also use Microsoft Defender Application Guard and ad blocker. Instead of using the application control list, we use the ad blocker at most of the places.
What I've heard from the customers is that the anti-malware engine is not up to date. So, sometimes, it may not detect such threats. I, however, haven't got any data to show for this.
Its licensing can be better. Currently, customers with the E3 license cannot use many features, and they would like those features to be available. With Windows 10 E5, Microsoft is phasing out all the functionality. They have also made a lot of changes recently where you can also buy add-ons for Defender ATP, but for Office 365, ADT, and other stuff, you still require E5 licensing. If they can improve its licensing, it would definitely be helpful in implementing the features from the security point of view. E5 definitely has more features from the security point of view.
I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great.
We have been recommending Defender to customers for Windows 10 and helping them in implementing it for two years.
It is okay in terms of stability. I haven't seen any issues. Even if you go for a third-party vendor as your primary anti-malware software, you can get the benefit of Defender in a passive mode.
I am an Azure engineer, and I work with an architect to design the solutions. I'm not a security person, and I don't know whether it catches all the new malware that comes into the IT world, and how quickly it gets updated because it is not my area of work as I'm not an SEC OP admin. I have read a few articles mentioning that the engine might only be 80% or 90% up to date. Obviously, no engine is 100% up to date, but it is still a little bit behind some of the third-party vendors.
We haven't used their support much, but one of my colleagues has had some problems, and I think he didn't get good support from Microsoft. So, obviously, it depends on what kind of support engineer you have been assigned. Sometimes, it can be difficult. It is not only applicable to Defender; it could be with any of the products.
While implementing the ASR rules and other things, if you don't put it in the audit mode and don't do proper discovery, then it can definitely break lots of applications. You need to adhere to the implementation guidelines for ASR rules. So, proper analysis definitely needs to be done before implementing those rules because it can affect the business functionality.
Its deployment can take from few weeks to months depending on the size of the organization. In terms of the implementation strategy, we start with the pilot key users, and we deploy those policies. We also deploy ASR rules and other exploit protection rules in the audit mode, instead of directly enabling them. We then monitor the resources in terms of what can be blocked or what can get impacted by those rules. After that, we work with the users to implement it and see whether it breaks anything. If it breaks, then we look at the solutions. After we are happy with all those solutions and we know that enabling it won't break anything on a business side, we just roll it out.
Our clients are definitely seeing an ROI. Some of the clients have already got the licenses, and they can use lots of features of their Defender ATP. They are basically saving the cost of not going with a third-party solution.
Some of the clients who already had another third-party solution are also moving to Defender ATP because they already have the licenses, and they can save the cost on those. One of our clients is using ESET. They have the ESET standard version, so they are not getting any of the other features. They already have an E5 license to use all Defender ATP features. So, obviously, it would be beneficial for them to go with Defender ATP.
We did a little bit of comparison with Sophos. Sophos also offers cloud and network protection, but it would be an extra cost to buy it if you already have a license of Defender ATP. With Sophos, the USB features are a part of the cloud solution. So, you can configure USB restrictions and other things in the Sophos portal. With Defender, you will have to implement the USB security features via GPO or something else.
I would definitely recommend others to go with Defender ATP if they have got the licenses because it can give them a wide range of security controls. It is integrated with Office portals and Microsoft monitoring systems, so they get the sensors from different places. We haven't come across any security threats yet. From the point of view of its theory, implementation, and architecture, Defender ATP and other ATP integrations would definitely help customers in controlling their organization and implementing the best security rules and policies.
It hasn't affected the user experience much for our customers. Customers only see the notification pop up saying that Defender hasn't found anything and things like that.
I would rate Microsoft Defender for Endpoint a seven out of 10.
It is an antivirus. It is like any other antivirus, except it comes with Windows and you don't need to install anything extra.
People will ask you, "My system does not have an antivirus," because it is so hidden and subtle. You don't feel like you have an antivirus. Many users will wonder and come to you, saying, "I don't have an antivirus installed. Is that company policy? Do we need to get it from outside and install it?" So, we have to tell them, "No, there is an antivirus. It is there."
It is so seamless that people don't even feel or see it. It is just protecting everybody. If you are some kind of techie or have some experience with Windows Operating System, only then do you know that this thing is already built-in. If you go into the Task Manager, you can find the antivirus using up a lot of memory and a bit of CPU power, then you will understand that is the antivirus doing this. Normally, many people don't realize this.
It is already integrated with Windows 10, so you don't need to worry about that.
It is a basic firewall with some additional anti-exploit measures and parental controls already built in.
It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good.
We started using it when they started bundling it with Windows 10, which has been around three or four years.
It is very stable.
You do not need to worry about maintenance. It is automatically updated. Sometimes it will show you a red marker to do a system scan. People normally kind of ignore that, but I suggest people do a system scan from time to time. Now, what happens is just a bubble icon showing a red cross sign, but that may not be enough. It should give a pop-up window to remind people to scan the system once a month or quarter. It should be built-in scanning, without asking anybody, once per month or quarter.
It is scalable.
There is no need to get an additional solution because it comes bundled with Windows.
We are protecting around 60 to 70 endpoints in India. In the entire company, there may be around 400 to 500.
We have used other antiviruses, like McAfee and Avira Antivirus.
The same thing can be viewed as a pro and a con:
Pro: It is more than silent; you do not even realize that it is an antivirus. Any other antivirus third-party will nag you with pop ups for any small threats. They want to show that they are doing something because you pay them money. They are funny, colorful pop-ups, whatever color they use is like an advertisement for them, e.g., "They are doing it wrong, and we pointed it out." Windows Defender does not do that. In a way, this is good for the people who know the threat sender. They do not really need to be nagged by the antivirus every time you open a site or click on a file.
Con: For normal people who do not know anything about the security side, some pop ups should be there. Some pop-ups call people's attention that you are doing it the wrong way. For example, "This is potentially wrong. Don't visit this site. Don't potentially open this link, file, or attachment." This is missing in Windows Defender.
It has a good return on investment, especially since we are used to paying for antivirus. Now, it is part of the Windows purchase.
You don't need to worry about the renewal and purchase of antivirus products. It is bundled with Windows 10, so you don't need to worry about separately purchasing any antiviruses.
Whenever you purchase an antivirus, there are so many factors to consider, such as, weighing, doing a comparison, studying everything, and analyzing the cost-benefit factors. You don't need to consider any of this with Windows Defender because it all comes with it. So, you don't need to worry about it.
With Windows Defender, Microsoft is protecting their own operating system from hackers, viruses, malware, etc. It is better to use Windows Defender over other third-party providers. Microsoft knows what best is for the solutions.
If your computers or users are limited and you are not worried about using your computers for a lot of other browsing purposes or a lot of communication from the public, then you can depend on Microsoft Defender as your only solution. However, when your company is a lot more public facing, then you get a lot of mail from the public and must interact with the public. Also, if you must connect your computer to other computers not in your company, then I would suggest going for either a top-of-the line antivirus solution or third-party solutions. Totally depending on Microsoft Defender is not going to work for a company who is facing a lot of public interactions with their computer system.
I would rate it as an eight out of 10.
We use this solution for business security protection.
One of the main features is the solution is very light on resources and we do not have any problems with it.
There is room to improve the security of the solution.
We have plans to add an email security solution because this solution does not provide us with what we want.
I have been using this solution for approximately three years.
The solution is stable.
I have found the scalability of the solution good.
We were previously using the Avast security solution.
The installation is very easy, it takes only one day.
We did the implementation ourselves. We have approximately 10 engineers able to do the deployments and maintenance.
There is not a license required for this particular solution.
I would recommend this solution to others.
I rate Microsoft Defender Antivirus an eight out of ten.
It can reach our applications and PC activities in the cloud.
Notifications are always popping up — I hate that. It could also be easier to use and more robust, overall.
I have been using Microsoft Defender Antivirus for roughly two years.
Within our organization, there are roughly 500 employees covered by Microsoft Defender Antivirus.
We have a team of 10 employees that handle all maintenance-related issues. We definitely plan to continue using this solution.
Microsoft Defender Antivirus could be more scalable.
I am satisfied with the technical support.
Microsoft Defender Antivirus is easy to install. Installation takes half an hour, maximum.
Microsoft Defender Antivirus integrates automatically.
You need a license to use this solution.
We evaluated McAfee MOVE antivirus.
Overall, on a scale from one to ten, I would give this solution a rating of seven. If they improved the scalability, I would give it a higher rating.
We are using Microsoft Defender ATP to prevent anti-phishing, malware transportation, and unwanted spam emails.
What I like most is the protection against phishing emails and anti-spam.
The integration of the defense features is something that they are working on but it still needs improvement.
In the next release, I would like to have additional features integrated with DNS security and DNS resolution. It will add to the solution and work more like a firewall.
If they integrate with the EDR then it will benefit this solution.
I would like ATP to be integrated with the EDR as one single license.
I have been working with Microsoft Defender ATP for three years.
It is stable, but it depends on how you configure the existing ATP and what existing features you need to enable it.
Based on the features that are enabled, it will work perfectly. 60% to 80% will depend on the configuration that is done for the ATP trade products.
Microsoft Defender ATP is scalable at any point of time.
The technical support was good.
I would rate technical support a four out of five.
The initial setup was not easy but not complex. It was somewhere in between.
There were many things that needed to be integrated with the existing solution, which took some time. It took us a week to deploy this solution.
When compared with other vendors, the pricing is very high.
There are several other features that can be integrated with Microsoft Defender ATP such as EDR. But, it doesn't already come integrated with ATP. It's available at an additional cost.
If you want the EDR feature, you would have to purchase an E-file license. The cost is three times higher to have more productivity with the dashboard.
It's a good solution. I would recommend Microsoft Defender ATP to anyone who is interested in using it.
I would rate Microsoft Defender ATP a seven out of ten.
This is an endpoint security product. It helps detect and prevent attacks and is very good when it comes to vulnerability assessment. It automatically detects attacks. It provides support for all the end devices, whether it is a Mac OS, Windows, mobiles, Android and iOS, it has support for all. I mostly deal with smaller and medium sized companies, I don't deal much with enterprises. I'm a customer of Microsoft and I work as a solution architect.
The product is very good when it comes to vulnerability assessment. It's a Microsoft flagship product and it integrates with Office 365. If my customers are using Office 365 or Azure or a Windows server, it helps to use Defender. Other products like Symantec or McAfee don't have that kind of integration with Microsoft products. In terms of identifying the attacks, it's far superior to Symantec.
The GUI is very complex, particularly for normal users who work on it. It could be more user friendly. For future improvements, I'd be looking at internet security which we don't have as Microsoft does not distinguish whether a site is malicious or not. Kaspersky is very good at that but not Microsoft. It would be a big advantage for them if they were to include it.
I've been using this solution for seven months.
It's a stable product. Microsoft only recently entered this market and nobody believed that Microsoft antivirus would be good. They are now trying to prove everyone wrong in that sense by having a good security product.
Scaling in or out is very easy. Scalability is really about licensing so you just have to request a registration license.
Ninety-nine percent of the time, I'm able to solve the problem. I do not have access to Microsoft support so if I go to their open support page and try to login a request, it takes up to 24 hours for the support agent to get back to me. It's pretty average. If you have the premium support or if you're a support partner of Microsoft, they respond back in one or two hours, something like that.
I tested the difference between Symantec and Defender by taking a malware from the internet and downloading it. Symantec allowed me to do it, even though it shouldn't have, but Defender, gave me notification and wouldn't allow me to do it. That said, Symantec is a very stable product that's been on the market for a long time. They have more expertise in endpoint protection than Microsoft. Symantec is not a cost-effective product for most customers. It's integrated with third party companies and is good in protecting endpoint. Because my customer base is companies that use Office 365 and Microsoft Azure so Microsoft integration with these products is very good.
The initial setup is very simple, you just have to attach it to the user's email address. Once the user logs in, it automatically downloads and starts working. I do the implementation. In terms of maintenance, sometimes my engagement with the client is one time but sometimes, I do maintenance as well. This is a subscription-based, cloud-based product. They have to call me every year to renew.
I would suggest that if you're already using Microsoft products, then I think it makes sense to go with Microsoft Defender over any other product.
I would rate this solution an eight out of 10.
I have used Windows Defender to protect my computer from viruses or harmful websites on either flash drives and other removable devices when I am online which tend to attack my computer and corrupt it causing inefficiencies in my computer working processes.
I usually check from time to time if the hard disks of my computer has been infected and remove the files that are harmful to my systems. Another purpose of this tool is blocking and filtering sites that are harmful or appear threatening to my system.
Windows Defender has improved my organisation's security in many ways which ensure that my systems are being safeguarded. Since we are mostly online doing our projects and research, we tend to enter into harmful sites that may damage our computers. But Windows Defender does great work in blocking and warning you of those sites. Another advantageous part is that when removable devices are connected to our systems they are scanned for viruses and cleaned immediately. Hence, it ensures no viruses from external devices enter into our systems. It automatically scans and checks for viruses on the hard drive from time to time ensuring good security in our systems.
I have used the solution for more than five years and the solution has greatly influenced my work. It gives good results in protecting my systems and data.
Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically.
Another feature is the ability to filter sites and block harmful ones, which makes it to enter sites with full protection. This ensures no harmful Trojans can be sent into our systems through those sites and are always blocked when detected.
Another great feature is the ability to warn the system user, making it easier to know when a virus has been found on our system.
It is easy to use and has a lot functionality to make systems safeguarded in the right manner.
The product should keep updating its software as to counter incoming threats since threats are becoming more advance with time. The product should be strong in all parts.
I would recommend if the product continues to be updated that the way it updates is faster for downloading and updating in our system. The stability is good and should continue to perform well in that way.
With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras.
I have used the product more than five years. It is a great tool.
The solution is very stable. It has good features that make it efficient in the security aspects of our systems.
The product has performed very well in my computers. I don't have any complains about its functionality.
I have never used any solution apart from Windows Defender when safeguarding my systems.
The solution comes pre-installed in the Windows Operating System so you do not have to install it manually. You are required to connect to the Internet and update the solution to the latest version.
I am just an end user of the solution.
I hired a technical guy to keep the solution up-to-date since it could be more stable and work more efficiently.
I invested in Windows Defender since it has good functionalities.
The product is free of charge and comes integrated into Windows.
I chose Windows Defender for system safety, its ease of use, and the continuous update of the product.
Windows is a great tool that I have used. It has helped my organisation in achieving what it does daily and protected our data in a great way.
I would recommend every user who has a computer or laptop to consider using Windows Defender since it is the best tool to safeguard your system from malware and attacks.