Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Microsoft Intune
Score 8.3 out of 10
N/A
Microsoft Intune (formerly Microsoft Endpoint Manager), combining the capabilities of the former Microsoft System Center Configuration Manager, SCCM or ConfigMgr, is presented as a unified endpoint management option. Microsoft Intune is an endpoint management solution for mobile devices, an MDM solution that allows the user to securely manage iOS, Android, Windows, and macOS devices with a single endpoint management solution. The component Endpoint Configuration Manager (the…
Microsoft Defender gels very well with the rest of the M365 suite of products. The security Dashboard gives one view for Email Security and Endpoint Security. The security events can be generated while getting integrated with SIEM solution or can use its own SIEM offering.
As we are using 90% of Windows devices and laptops in our organisation we figured out that Microsoft Defender for Endpoint is a better solution for us as compared to above solutions mentioned. It is very easy and convenient to use this solution with Windows devices. The …
As compared to some of the other products we have used in our organization over the years, Windows Defender has been a lot better at not using a lot of system resources when running on the clients. A lot of other commercial threat protection products on the market today, tend …
Usually we had lots two platforms tasked with scanning exposures, anti-malware and provision for information and threat management. But with Microsoft Defender for Endpoint we have an all inclusive platform that even integrate with other Microsoft security apps such as Microsoft Defender for Cloud for enhanced threat insights and visibility.
Windows Autopilot makes provisioning user Windows PC laptops a breeze. A user only needs to turn on the laptop, join it to their local WiFi, login with their O365 account then sit back and let Windows Autopilot handle the app installations required for work, configure the laptop settings to meet my organization requirements. I have seen this all completed in less than 30 minutes depending on how fast the internet connection is. Where Microsoft Intune needs to improve I think is the part where it can push out software updates to 3rd party apps. Right now I have to use Automox to fill in this gap.
[Microsoft Endpoint Manager (Microsoft Intune + SCCM)] helps to speed up the deployment of patches/software throughout our environment. I can easily build a package and then deploy across all endpoints.
The ability to supercede software is also quite handy. This automates the removal of old versions and replacing them with newer versions.
The Intune Autopilot option is very useful if you want to deploy software to devices straight out of the box. You can configure them to download software when a user opens a new PC and turns it on for the first time.
The program itself can be challenging to use, especially if there hasn't been any formal training on the use of the product. Either training/reviewing documentation is recommended prior to using SCCM.
At times, it can be difficult to try and find out why a certain machine that's listed in SCCM says that the endpoint has the SCCM client and shows as Active, but in fact, it's not. It's also difficult at times to try and figure out why the client can't be pushed down to the endpoint.
Even though the remote assistance features in SCCM are really good, it can be challenging at times when the remote options don't work for a particular endpoint, even though the machine is active, online, etc.
Mascom Wireless is a Microsoft shop and SCCM has proved to be helpful in keeping our Microsoft products up to date every month without fail. We also have a Microsoft Enterprise Agreement which we renewed for three years ending 2022. The remote access utility works wonders for the organisation and have saved travel bills including subsistance allowance. We have been able to fulfill security audits both internal and external. We have been able to keep a robust inventory of our computer assets and nothing falls of the cracks
The console is not intuitive and does not work well often. Due to the complexity of the product, documentation can be confusing. When properly configured, routine tasks like OS deployment, remote control, and software deployment are easy to do. Troubleshooting of System Center Configuration Manager issues is hard, as there are various logs, and their content can be hard to understand.
It's a 'heavy' system, which demands a lot of resources form the datacenter perspective. So, make sure you followed the requirements to avoid frustration in the future. From the 'client' perspective, it's fine. I've never had any issue with that.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Being a Microsoft product, support was good. Out interaction was limited to our in-house IT team which was installing the Intune app in our mobile device. The installation was smooth and we haven't faced any difficulties with the app while using it. Provides a smooth and secure access to all Office 365 apps in mobile while separating the personal and professional data.
Work with a "test group" of users who you have a good relationship with so that when things don't work properly they understand! Work with your partner nicely without forcing things especially timelines as you are bound to make mistakes and create oversights in the project Management can also interfere with the implementation (which can cause delays) if you make too many mistakes which takes me back to having a "test group" where you have good relations
in an overall protection sentinelone is providing better protection for us, but as it comes with subscription's limitation, we have to be really careful in managing the licenses, the MS Defender for endpoint is providing us a decent protection which we are not complaining about, why we chose them ? as mentioned, this is coming with our subscription
We did not evaluate or use other products like Microsoft Endpoint Manager (Microsoft Intune + SCCM). The main reason we did not evaluate or use other products is because Microsoft Endpoint Manager (Microsoft Intune + SCCM) integrates seamlessly with Microsoft 365 and Windows PCs. Expenses would have increased as well if we had purchased another similar product.
By providing robust threat protection, Defender for Endpoint can prevent downtime caused by security issues. Employees can work without interruptions, leading to increased productivity.
By significantly decreasing the frequency of security incidents like malware infections and data breaches, Microsoft Defender for Endpoint can protect your network. The cost of incident response, cleanup, and potential regulatory fines are reduced as a result of the decrease in events.
The implementation and configuration of Microsoft Defender for Endpoint may require an initial investment in licensing, training, and deployment, which can temporarily affect ROI.
The cost of licensing can be substantial, especially for larger organizations. This cost needs to be factored into the ROI calculation.
In our current environment, this System Center Configuration Manager had replaced several standalone solutions for patching, imaging, remote assistance, reporting, etc. That saved a lot of time and resulted in money to manage the IT infrastructure.
Once SCCM is deployed and fully configured, all agents are deployed and it is easy to automate a lot of processes and just control them from time to time to make sure that everything is working as supposed to be.
SCCM + Windows 10: great built-in endpoint protection solution. As a result, there is no need to buy additional software for that purpose.
The imaging process is better compared to WDS because you can modify deployment packages and apply patches to a newly imaged machine. This saves tons of time for new employees deployment.
