RA
Assistant Manager IT at an educational organization with 1,001-5,000 employees
Real User
Good performance, reliable, and offers effective ransomware protection

Pros and Cons

  • "The most valuable feature is ransomware protection, which can detect malicious activity from IPs or a malicious payload in DLLs, or other things that can corrupt the system."
  • "The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."

What is our primary use case?

We use Microsoft Defender Antivirus to scan for malicious payloads that may come in files, emails, a USB drive, or another type of external drive. It helps us to identify any malicious load that could compromise the security of any of our systems.

We are in a decentralized environment. We have multiple offices but they are not connected physically. The offices are directly managed from the internet.

We have a mixed environment with Linux and Windows machines.

We operate in the educational sector.

How has it helped my organization?

We have not fully considered how this product affects our overall security posture, although this is because we have not yet explored all of the features. Once we have all of our offices connected, it is something that we will be looking into. At this point, it does not affect all of our machines. On a scale from one to five, I would rate our security posture a four.

What is most valuable?

The most valuable feature is ransomware protection, which can detect malicious activity from IPs or a malicious payload in DLLs, or other things that can corrupt the system.

The performance is good. Usually, end-users complain that whenever background or real-time scanning is done, the effects are felt as there is a slowdown in the system. This is not the case with Microsoft Defender.

What needs improvement?

The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads.

If there is a Word file then it is able to scan it, but if there is a malicious payload within its signature then it will not be detected. Deep packet scanning must be used to improve the overall product.

For how long have I used the solution?

We have been using Microsoft Defender Antivirus since we upgraded to Windows 10 from Windows 8.

What do I think about the stability of the solution?

This is a stable product. We have been using the standard version for a long time and it hasn't negatively affected our environment. Generally speaking, it is reliable.

What do I think about the scalability of the solution?

Microsoft is actively working on this product and I think that it is becoming more scalable, day by day. For example, prior to Windows 10, there was no ransomware support. Now, it comes with Windows 20S2 and Windows 20H1.

With our decentralized environment, I don't know the exact number of users or devices that we have. However, I can say that there are more than 500 devices being protected by this solution.

Most of the machines in our environment are in areas that don't have internet access. This is because they are stationed in remote areas of the country. This means that we need to use USB drives to update the machines manually. Given the number of devices and that the management is done manually at this time, it is pretty painful for our IT people.

How are customer service and technical support?

We have not purchased support for this product, although, for most products, we usually do have it. To this point, it hasn't been required.

Which solution did I use previously and why did I switch?

When we were running older operating systems including Windows XP and Windows Vista, we had a Symantec Endpoint solution. We had that for a long time but we opted out. After that, we used McAfee and other antivirus products. However, since Windows 10 was released, and with Microsoft Defender included by default, we felt that it was the solution for us.

As I recall, we stopped using McAfee and Symantec once we moved to Windows 8.

How was the initial setup?

This product came pre-installed with Windows 10 on the machines that we procured from the vendor. It is straightforward and easy to configure, as well. Once Windows is installed, setting up the antivirus and scheduling scans just involves clicking the Next button several times. It is pretty easy for anyone and if the user is non-technical, we guide them through the process.

It takes a maximum of 10 to 15 minutes to install and configure on a PC. Whenever a new configuration is required, you need to configure it on each individual machine that you have. This is why we are investigating a centralization solution. It will help us out in applying things on a global level. For example, we can apply settings based on what is in Active Directory or other policies.

What about the implementation team?

One person, in-house, is all that is required to set it up.

There is not much maintenance required, as our environment is pretty standard. Also, all of the updates come from the Microsoft update center and they are automatically installed on the machines.

What was our ROI?

It is difficult to determine ROI at this point. Once all of our PCs are joined together, we will have a better idea.

What's my experience with pricing, setup cost, and licensing?

As we operate in the educational sector, we are eligible for an educational discount.

Which other solutions did I evaluate?

We are currently looking into other solutions that will give us centralized control over Microsoft Defender. However, we are still strictly in the research phase.

Once we decide on a product and a solution is proposed, it is a long process that involves budgetary considerations. Once a PoC is completed, the budget constraints are considered, and this is part of a very long chain of processes that take place before final adoption.

What other advice do I have?

Since we started using this product, we have not had any breaches. When we were using the products by McAfee and Symantec, there were issues with viruses and malicious payloads. Now, it is better because we haven't had any major issues with the systems.

My advice for anybody who is implementing this product is to let the IT staff manage it, and not allow end-users to configure it or modify their own settings.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Devanand PR
IT Support Executive at a healthcare company with 51-200 employees
Real User
Top 5 Leaderboard
No need to purchase an additional solution because it comes bundled with Windows 10

Pros and Cons

  • "It is already integrated with Windows 10, so you don't need to worry about that."
  • "It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good."

What is our primary use case?

It is an antivirus. It is like any other antivirus, except it comes with Windows and you don't need to install anything extra.

How has it helped my organization?

People will ask you, "My system does not have an antivirus," because it is so hidden and subtle. You don't feel like you have an antivirus. Many users will wonder and come to you, saying, "I don't have an antivirus installed. Is that company policy? Do we need to get it from outside and install it?" So, we have to tell them, "No, there is an antivirus. It is there."

It is so seamless that people don't even feel or see it. It is just protecting everybody. If you are some kind of techie or have some experience with Windows Operating System, only then do you know that this thing is already built-in. If you go into the Task Manager, you can find the antivirus using up a lot of memory and a bit of CPU power, then you will understand that is the antivirus doing this. Normally, many people don't realize this.

What is most valuable?

It is already integrated with Windows 10, so you don't need to worry about that. 

It is a basic firewall with some additional anti-exploit measures and parental controls already built in.

What needs improvement?

It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good.

For how long have I used the solution?

We started using it when they started bundling it with Windows 10, which has been around three or four years.

What do I think about the stability of the solution?

It is very stable.

You do not need to worry about maintenance. It is automatically updated. Sometimes it will show you a red marker to do a system scan. People normally kind of ignore that, but I suggest people do a system scan from time to time. Now, what happens is just a bubble icon showing a red cross sign, but that may not be enough. It should give a pop-up window to remind people to scan the system once a month or quarter. It should be built-in scanning, without asking anybody, once per month or quarter.

What do I think about the scalability of the solution?

It is scalable.

There is no need to get an additional solution because it comes bundled with Windows. 

We are protecting around 60 to 70 endpoints in India. In the entire company, there may be around 400 to 500.

Which solution did I use previously and why did I switch?

We have used other antiviruses, like McAfee and Avira Antivirus.

The same thing can be viewed as a pro and a con:

Pro: It is more than silent; you do not even realize that it is an antivirus. Any other third-party antivirus will nag you with pop-ups for any small threats. They want to show that they are doing something because you pay them money. They are funny, colorful pop-ups, whatever color they use is like an advertisement for them, e.g., "They are doing it wrong, and we pointed it out." Windows Defender does not do that. In a way, this is good for the people who know the threat sender. They do not really need to be nagged by the antivirus every time you open a site or click on a file.

Con: For normal people who do not know anything about the security side, some pop-ups should be there. Some pop-ups call people's attention that you are doing it the wrong way. For example, "This is potentially wrong. Don't visit this site. Don't potentially open this link, file, or attachment." This is missing in Windows Defender.

What was our ROI?

It has a good return on investment, especially since we are used to paying for antivirus. Now, it is part of the Windows purchase.

What's my experience with pricing, setup cost, and licensing?

You don't need to worry about the renewal and purchase of antivirus products. It is bundled with Windows 10, so you don't need to worry about separately purchasing any antiviruses. 

Which other solutions did I evaluate?

Whenever you purchase an antivirus, there are so many factors to consider, such as weighing, doing a comparison, studying everything, and analyzing the cost-benefit factors. You don't need to consider any of this with Windows Defender because it all comes with it. So, you don't need to worry about it.

With Windows Defender, Microsoft is protecting their own operating system from hackers, viruses, malware, etc. It is better to use Windows Defender over other third-party providers. Microsoft knows what is best for the solutions.

What other advice do I have?

If your computers or users are limited and you are not worried about using your computers for a lot of other browsing purposes or a lot of communication from the public, then you can depend on Microsoft Defender as your only solution. However, when your company is a lot more public facing, then you get a lot of mail from the public and must interact with the public. Also, if you must connect your computer to other computers not in your company, then I would suggest going for either a top-of-the-line antivirus solution or third-party solutions. Totally depending on Microsoft Defender is not going to work for a company who is facing a lot of public interactions with their computer system.

I would rate it as an eight out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
OP
Security Architect at a comms service provider with 5,001-10,000 employees
Real User
Top 5
Scalable with great threat detection and good stability

Pros and Cons

  • "It's not really visible for the user - which is a benefit."
  • "The initial setup can be a bit complex."

What is our primary use case?

The solution is used to protect the endpoint. Also, there's an antivirus and then advanced threat protection. It's also detecting threats and sending that to the cloud and correlating that without the events from other parts of the EMS suites. That's primarily what we are using it for. It is also capable of doing some attack surface reduction that you can configure on the endpoint. It's basic protection plus surveillance. It's also an EDR, however, we are not using that.

How has it helped my organization?

It's always very difficult to measure, however, it integrates very well with the other Microsoft products. It's easy to handle them. That's an important point when you want to achieve a higher security level that it's easy to manage. You can be sure that it's up to date and it's managed and the alarms are taken care of and so on. It's not only the technical capabilities that are important. How it plays together with the rest of your products is also key.

What is most valuable?

It's not really visible for the user - which is a benefit. 

We know it's pretty good in terms of detecting threats against our platform and attacks. We have seen that.

There's privileged escalation or lateral movements for attacks.

The solution is stable.

The scalability is good.

What needs improvement?

The dashboards could be better. There's a suite of different products that play together and enhance security and receive signals from different parts of the product suites. When you are trying to look into that sort of depth on a dashboard, or across various dashboards, it can be difficult to obtain a comprehensive overview as it's so divided.

The initial setup can be a bit complex. 

Beyond that, I'm not involved in the day-to-day operation. There may be others that can offer more insights.

For how long have I used the solution?

We started using it when we started to migrate to Windows 10 and that was likely four years ago. However, that was the Microsoft basic version. Recently, we also enabled the ATP path.

What do I think about the stability of the solution?

It's my understanding that the solution is very stable. It's a pretty mature solution.

What do I think about the scalability of the solution?

In terms of scalability, we have not encountered any issues. We have around 7,000 endpoints.

We don't have too many physical people dealing with the solution. We have some people in operations and then some architects and so on, however, they are not involved on a day-to-day basis.

How was the initial setup?

The initial setup is somewhat complex, however, that's not only due to the product. It's also the environment that it is going to be implemented into. Also, when you have a company with a lot of legacy products and all the setups and so on there may be difficulties in terms of getting everything to work together.

The deployment can take up to a couple of months, however, it's dependent on the environment that it needs to be implemented into. For instance, if other kinds of agents are writing on the computer, you need to make sure that it is not consuming too much CPU capacity and so on. If you have a good system, it would be very quick to install.

We have a deployment plan and we have taken advice from Microsoft Learning from their onboarding Planning information. There isn't anything that is very special, as, when you roll out new software on an endpoint, you must make sure that it's not disturbing the day-to-day operation. You start with a small group of test users and then do it in bigger and bigger waves and always be ready to go back. It's good to have that preparedness so that you can roll back and you can investigate what's gone wrong and so on, however, that's not special to a different endpoint. That's a normal deployment strategy.

What was our ROI?

It has been possible to reduce the use of other agents. Beyond that, we have not made any financial calculations in relation to ROI. We have been using McAfee, for example, among others, and it's been possible to scale down. Microsoft is more integrated, more comprehensive, and Defender is part of the Microsoft operating system.

What other advice do I have?

We are customers and end-users.

This Microsoft security platform is very much a SAS platform. It's playing together with all the other security products from Microsoft and the company is using the Azure platform to collect the information and to work on the main refine security findings. It's working very well together with the Microsoft Cloud solution for security.

It's my understanding that they call it the security graph. It's quite important that they are communicating together. Windows Defender ATP is delivering a lot of telemetry to that form and correlating it with telemetries.

The reason why we have implemented DHCP part is due to the fact that we bought a Microsoft E5 license with a lot of security enhancements.

I've only seen it in the implementation and design phase, however, it's pretty good. That said, it's also within the environment of a large company where the processes can be a bit difficult.

I'd advise users to integrate it into their security operations center so that they can have the full benefit of the product.

I'd rate the solution at an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Oriyomi Fowler
Head, Information Security & Network Operations at a consumer goods company with 10,001+ employees
Real User
Nice interface and good reporting, but the alerts need to be more timely

Pros and Cons

  • "This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."
  • "Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."

What is our primary use case?

We combine Microsoft Defender with Advanced Threat Protection to manage, isolate, and scan our laptops and workstations for security threats. We have a dashboard that is embedded into Office 365 and it allows us to remotely scan for viruses and malware, so we don’t have to have the laptop present.

How has it helped my organization?

Using this product helps with device inventory. This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them. It is important because any software installed on a workstation may be vulnerable to parts of the internet.

Microsoft Defender has features that have helped to add layers to our security posture. The most important of these features is visibility and the provision of detailed alerts. It correlates the data and using this information, I can identify a threat and see if any other workstation in the environment has been affected by it.

Using this product has not negatively affected our user experience. It is just like using Windows 10.

What is most valuable?

The GUI is very nice.

The reporting capabilities are fantastic.

In the future, I would like to have the ability to patch using this product. Specifically, in an enterprise environment, it would be very good if you could patch the workstations remotely.

What needs improvement?

The alerting is something that needs to be improved. Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering.

For how long have I used the solution?

I have been working with Microsoft Defender Antivirus since it first came out, at least seven or eight years ago.

What do I think about the stability of the solution?

With respect to the stability of the product line, Microsoft has many products that do almost the same thing. The question becomes which one you want to use. This is a good product but at the same time, after a while, you don't know if it is the next one that Microsoft is going to stop releasing because of other products that practically do the same thing.

What do I think about the scalability of the solution?

Microsoft Defender is very scalable and there is a lot of room to expand and add extra layers. We have 2,500 endpoints and we plan to expand; however, we are thinking about using the Microsoft Endpoint Manager in place of it.

Once the decision is made to stay with this product or instead adopt Endpoint Manager, we will expand to cover 6,000 endpoints.

How are customer service and technical support?

I have not been in contact with technical support.

Which solution did I use previously and why did I switch?

Prior to Microsoft Defender, we tried quite a few different products from vendors such as Kaspersky and McAfee. One of the major reasons that we adopted Defender is because of the advantage that Microsoft owns the platform, Windows 10. As they have developed the operating system, it is believed that they understand how to guard it much better against a third party. An attacker has to learn a lot about Windows 10.

Another reason we selected Defender is the frequency of updates. Every other time that Windows is updated, Defender is updated. Again, this is because it is owned by Microsoft and exists on its platform.

We also use Microsoft ATP and we are currently looking at Microsoft Endpoint Manager.

How was the initial setup?

The initial setup is straightforward. Basically, once you have the competency with the product, it is straightforward and there are no surprises. It is not rocket science.

This product is built into the Windows 10 image that we install. As you roll out Windows 10, it is already set up and pre-configured, so there is no additional work required.

What was our ROI?

We saw a return on our investment within the first two years.

If I quantify the effort used for the setup and compare it with the pricing of the previous solution, value for the money was realized during the second year.

What's my experience with pricing, setup cost, and licensing?

We have an enterprise agreement so from my perspective, this is a product that ships with Windows and it is not priced standalone. It comes together with the other Microsoft products that we buy.

Which other solutions did I evaluate?

When we evaluated Kaspersky and McAfee, we found the scalability was better for Microsoft. You can do in-place upgrades of the endpoints with Defender but for the others, you would have to re-install the upgraded agents on the workstation. This takes a lot of time and it is not productive.

We are currently evaluating Microsoft Endpoint Manager by comparing the differences between it and Microsoft Defender. This is being done in advance of expanding our usage.

What other advice do I have?

My advice for anybody who is implementing this product is to first analyze their critical assets to have an understanding of what they are. Then, decide if they want a scalable solution. New threats are coming in every month and the way this is going, Microsoft is learning lessons from networks that have been compromised. With this information, they give updates and patches to everybody. In support of this product, you have to consider the patching, consider the visibility that it gives, and then consider the critical assets it is protecting.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
John-Maina
Navision Consultant and user support at NCPD
Real User
Top 5 Leaderboard
If any viruses are found, they are cleaned automatically

Pros and Cons

  • "Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically."
  • "With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras."

What is our primary use case?

I have used Windows Defender to protect my computer from viruses or harmful websites on either flash drives and other removable devices when I am online which tend to attack my computer and corrupt it causing inefficiencies in my computer working processes. 

I usually check from time to time if the hard disks of my computer have been infected and remove the files that are harmful to my systems. Another purpose of this tool is blocking and filtering sites that are harmful or appear threatening to my system.

How has it helped my organization?

Windows Defender has improved my organisation's security in many ways which ensure that my systems are being safeguarded. Since we are mostly online doing our projects and research, we tend to enter into harmful sites that may damage our computers. But Windows Defender does great work in blocking and warning you of those sites. Another advantageous part is that when removable devices are connected to our systems they are scanned for viruses and cleaned immediately. Hence, it ensures no viruses from external devices enter into our systems. It automatically scans and checks for viruses on the hard drive from time to time ensuring good security in our systems.

I have used the solution for more than five years and the solution has greatly influenced my work. It gives good results in protecting my systems and data.

What is most valuable?

Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically.

Another feature is the ability to filter sites and block harmful ones, which makes it to enter sites with full protection. This ensures no harmful Trojans can be sent into our systems through those sites and are always blocked when detected.

Another great feature is the ability to warn the system user, making it easier to know when a virus has been found on our system.

It is easy to use and has a lot of functionality to make systems safeguarded in the right manner.

What needs improvement?

The product should keep updating its software so as to counter incoming threats since threats are becoming more advanced with time. The product should be strong in all parts.

I would recommend if the product continues to be updated that the way it updates is faster for downloading and updating in our system. The stability is good and should continue to perform well in that way. 

With the increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras.

For how long have I used the solution?

I have used the product for more than five years. It is a great tool.

What do I think about the stability of the solution?

The solution is very stable. It has good features that make it efficient in the security aspects of our systems.

What do I think about the scalability of the solution?

The product has performed very well in my computers. I don't have any complaints about its functionality.

Which solution did I use previously and why did I switch?

I have never used any solution apart from Windows Defender when safeguarding my systems.

How was the initial setup?

The solution comes pre-installed in the Windows Operating System so you do not have to install it manually. You are required to connect to the Internet and update the solution to the latest version.

What about the implementation team?

I am just an end user of the solution.

I hired a technical guy to keep the solution up-to-date since it could be more stable and work more efficiently.

What was our ROI?

I invested in Windows Defender since it has good functionalities. 

What's my experience with pricing, setup cost, and licensing?

The product is free of charge and comes integrated into Windows. 

Which other solutions did I evaluate?

I chose Windows Defender for system safety, its ease of use, and the continuous update of the product.

What other advice do I have?

Windows is a great tool that I have used. It has helped my organisation in achieving what it does daily and protected our data in a great way.

I would recommend every user who has a computer or laptop to consider using Windows Defender since it is the best tool to safeguard your system from malware and attacks.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
KF
Technology Consultant at a computer software company with 51-200 employees
MSP
Top 20
A very solid security system with advanced hunting capabilities and great stability

Pros and Cons

  • "It's a very solid security system, and the advanced hunting and everything really lets you dive deep into things."
  • "I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot."

What is our primary use case?

The solution is used for endpoint detection and response, however, it also has vulnerability management. I don't use that as much as the endpoint detection and response. I use it in combination with Cloud App Security and Endpoint Manager.

What is most valuable?

The most valuable feature is the fact that, if you have the M365 E5, it's included and everything is in the bundle. 

It's a very solid security system and the advanced hunting and everything really lets you dive deep into things.

What needs improvement?

Overall, they're doing a much better job. However, recently, they added the Azure Defender. When you use the Azure Defender licenses, you're already enrolled. 

I prefer that they had the old interface that was not combined with compliance, and still, they've changed that to make it better. I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot.

For how long have I used the solution?

I probably started diving into Microsoft Defender about two years ago.

What do I think about the stability of the solution?

Stability-wise, I have not had another product that has been as stable and has had fewer issues. It's amazing.

What do I think about the scalability of the solution?

The solution is scalable. For example, I helped a 12,000-person company put it in and automated it without any issue.

How are customer service and support?

In terms of technical support, I have not had to call them related to anything on Defender for Endpoint. I'm a CSP, so I'm calling and I'm getting different assistance than, say, a home user. That said, at the same time, it really depends on if you're getting level one or level three support.

How was the initial setup?

The initial setup is very straightforward. There are a lot of people putting it in who don't understand it, however. They're not using device groups and auto-remediation settings.

I do a lot of security reviews as well, and what I find is that, although it works well out of the box, there are missing components. Another thing is that people will basically use the product, and yet, not set up the integrations with Cloud App Security and Endpoint Manager. When they do that, they're not getting the full functionality of it. I, on the other hand, know the system, so I see people often having trouble with it. If people are trained or go through training, they would be able to get the full functionality out of it.

What was our ROI?

I can't give numbers; however, for the price, when you're increasing from an E3 to an E5 license, the number of features you get eliminates a lot of other systems. Therefore, you do get a pretty good ROI. On top of that, you only have one management system and one reporting system. Overall, the numbers have been quite impressive.

What's my experience with pricing, setup cost, and licensing?

I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure.

What other advice do I have?

I'm a consultant. I primarily work with Microsoft and I do the threat management and check vulnerabilities on the database. I'm looking for something that is not super expensive yet covers vulnerability management and where you can pick the products, and pick alerts, and you get a weekly digest report, just so that we can better manage everything.

I work with pretty much all of the 365 products. I'm pretty widely experienced in Defender. I work for a managed service provider. I'm one of the people that's, besides having my Microsoft Azure architecture, Azure security, Microsoft 365 expert level, plus M365 security knowledge. I focus on Azure and M365 security.

For Microsoft Defender, the product is cloud-based, therefore it is managed and it's updated constantly.

I would advise users to take advantage of Microsoft integrations. I would suggest that they put it all together, so they can use it as a full bundle.

I'd rate the solution at a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Rupesh Singh
Technical Team Lead at Alepo
MSP
Effective firewall capabilities, regular antivirus updates, and it is preinstalled with Windows

Pros and Cons

  • "The most valuable features are the Windows Firewall and the regular virus definition updates. These features are very helpful and have helped to improve our security."
  • "This solution needs to move beyond relying on virus definitions alone and protect the system using behavioral analysis of the processes that are running."

What is our primary use case?

We use Microsoft Defender Antivirus for antivirus protection as part of our endpoint security solution. It protects our systems against attacks from any virus, malware, or trojan. 

How has it helped my organization?

We rely on this product for endpoint protection in our organization because we have not subscribed to any antivirus, apart from Microsoft Defender. It comes for free with our Windows subscription and it has improved the way our organization functions because there have been no virus attacks to date on our laptops.

It has not negatively affected our end-user experience.

What is most valuable?

This solution takes care of most of the infections that are found in the system, and it comes included with Windows. These are the two main advantages of using it.

The most valuable features are the Windows Firewall and the regular virus definition updates. These features are very helpful and have helped to improve our security.

What needs improvement?

Microsoft Defender protects the computer by using virus definitions that we download through regular updates, but nowadays cybersecurity attacks have become more intelligent. This solution needs to move beyond relying on virus definitions alone and protect the system using behavioral analysis of the processes that are running. These can be vulnerable points and if a process causes a glitch in the system, it should be quarantined. Moreover, enhancements of this type should not detract from system performance. There should be no slowdown on the laptop, for example.

For how long have I used the solution?

I have been using Microsoft Defender Antivirus since I started using Windows 7, more than eight years ago.

What do I think about the stability of the solution?

Stability-wise, it is good, and it performs very nicely.

What do I think about the scalability of the solution?

The scalability is fine. We had more than 300 devices that are being protected.

How are customer service and technical support?

I have never had an opportunity to speak with technical support because everything has always worked very smoothly. As we have experienced no issues at all, we never contacted support.

Which solution did I use previously and why did I switch?

Prior to using Microsoft Defender, we used McAfee and Avast Antivirus.

One of the main reasons that we switched away from McAfee is that it required purchasing a subscription. With Microsoft Defender, it is included with Windows. When we install the operating system, it is already there and we don't have to purchase an additional antivirus product.

For security, aside from a traditional antivirus, we have purchased the SentinelOne Endpoint Security solution. This product is more enhanced when compared to an antivirus product. It is modern and has better threat intelligence than other products. I don't know SentinelOne very well yet, as we have just purchased the subscription, but I know that the difference between products is not based on virus definitions.

SentinelOne has intelligence on the cloud and many other security features including the blocking of domain names, and the blocking of USB drives that users plug into their laptops. Although it has many more features than legacy antivirus software, I have no complaints about the performance of Microsoft Defender.

One of the reasons we are more heavily relying on endpoint security is that everybody is working from home and using the internet for work. This transition was made within the last two or three months. When people were working in the office, the firewall afforded them protection. However, as it is now, the endpoints are more vulnerable to attack. This is why we now rely more heavily on SentinelOne.

How was the initial setup?

Microsoft Defender comes preinstalled with the Windows operating system, so we do not have to deploy it separately.

What's my experience with pricing, setup cost, and licensing?

The subscription is part of Windows, so we don't have to pay anything extra for this product.

What other advice do I have?

This is definitely a product that I recommend people use because first of all, you do not have to pay anything extra to use it. The performance is very smooth and it protects your system, which is very much needed. All in all, I would say that this is a good antivirus solution.

I would rate Microsoft Defender Antivirus an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JC
Technical Support Engineer at a tech services company with 51-200 employees
Real User
Top 20
Offers cloud protection and comes embedded with Windows, but isn't very robust

Pros and Cons

  • "The solution's main antivirus capabilities are okay. So far, they have kept us safe."
  • "The solution could use improvement on the interface."

What is our primary use case?

The solution is basically an antivirus and is used to protect users from a number of things. Mainly, the solution protects against cyber-attacks and defends a user from viruses so that files are protected. Of course, it will be very important to have a big antivirus in place so that companies are protected from big attacks. Windows Defender does not really do that.

What is most valuable?

The solution's main antivirus capabilities are okay. So far, they have kept us safe.

There is cloud protection as well; however, we don't utilize that very much.

What needs improvement?

The solution does not have deep protection. Sometimes you find that you have some virus attacks. Most times we're on the internet. As you search so many websites, chances are high you visit sites that are fraudulent. There could be cases like phishing, where software could be embedded in some websites or some other viruses could come into your PC under Windows Defender. The security is basically limited. It's not so strong, in my understanding. It could be more robust.

The solution could use improvement on the interface. Most different Defender software comes with a different graphical user interface and some tend to be a bit complex. They should work to make the interface more user-friendly for basic users. For myself, as an IT person, it's fine; however, for a layperson, the interface might be a bit confusing.

It would be nice if they would collect user ratings and feedback. It would help them find ways to better add features and add-ons in the future.

The dashboards always have room for improvement.

For how long have I used the solution?

We've been using the solution for over two years now. 

What do I think about the stability of the solution?

For the most part, free things are not as effective as licensing or something you purchase. That's why many times our clients ask for a licensed antivirus such as Kaspersky. Our clients do ask for licensed Kaspersky or BitDefender, or other antiviruses. Windows Defender, which is just a free version, is not as effective. It doesn't have deep support or deep protection.

What do I think about the scalability of the solution?

We have ten people in our office and everyone is currently using the solution. That's just in our Ugandan office. We have a head office in India, for example, and they may use it there as well.

How are customer service and technical support?

I've never reached out to Microsoft's technical support. We haven't had issues that would require us to. I can't speak to their level of service.

Which solution did I use previously and why did I switch?

We have clients that also ask to license Kaspersky or BitDefender for added protection.

How was the initial setup?

The initial setup is not complex. We don't have a deployment or installation process, as the solution comes pre-installed with Windows. It's just the default software. It's part of their offering. We don't have to do anything separately.

What's my experience with pricing, setup cost, and licensing?

There isn't really a licensing process. The solution was pre-installed by default. It simply comes with Microsoft Windows.

What other advice do I have?

We are Microsoft resellers.

The solution is not on the cloud. Our office is small. We use independent computers. It's not in a structured network environment. We just use a small wireless network. As individuals, we are using it on small computers.

In my region, I would not necessarily recommend this solution. I'd still advise my clients to have other antiviruses unless I get to know that there is a licensed version of Windows Defender that Microsoft is selling and licensing. I still go ahead to advise my clients to buy other antiviruses, which are more effective. Kaspersky, for example, is a good option.

I would rate the solution at a six out of ten. There are other more robust antiviruses on the market that you can license.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner