Item: Microsoft Defender for Endpoint
Rating: 7
Author: Verified User

Use Cases and Deployment Scope

We use Microsoft Defender for Endpoint as our primary AV and firewall solutions for both our Windows and Mac enviornments as well as our Windows Servers. In addition, the other primary use case the product solves for us is blocking the use of usb devices and external storage devices from being plugged into our endpoints.

Pros and Cons

Blocking USB and External Media
Vulnerability Reporting
Proactive Alerting

Lots of upfront configuration necessary
Tons of configuration options
Hard to deploy to Macs

Return on Investment

Incared Vulnerability Remediation
More time spent doing configuration changes
Cheaper than compeitiors

Key Differentiators

Cloud Solutions
Scalability

The biggest factors for us revolved around the need to have a product that was compatible with both windows and mac endpoints. In addition, we wanted a tool that provided more than just traditional AV scanning and gave us more vulnerability reporting as well as security recommendations. Finally, we wanted it to be cloud based as well.

Components

We are using Microsoft Defender for Endpoint for traditional AV scanning on all of our endpoints as well as proactive detection. In addition, we are using the USB control feature to prevent unauthorized usb storage devices from connecting to our endpoints. Finally we are using the vulnerability scanning feature to remediate security vulnerabilities on our endpoints.

Protection Scope

We are protection 250 endpoints. It is a mix of Windows, Windows Server and MacOS

Alternatives Considered

Red Canary

We ended up going with Microsoft Defender for Endpoint as it came with the biggest breadth of offerings compared to the other solutions we reviewed. With a lot of the other potential solutions we felt like we would of needed to augment them to get the value we would get out of defender. Some solutions could not do things such as block usbs, etc.

Key Insights

Do you think Microsoft Defender for Endpoint delivers good value for the price?

Yes

Are you happy with Microsoft Defender for Endpoint's feature set?

Yes

Did Microsoft Defender for Endpoint live up to sales and marketing promises?

Yes

Did implementation of Microsoft Defender for Endpoint go as expected?

Yes

Would you buy Microsoft Defender for Endpoint again?

Yes

Other Software Used

Google Workspace, Slack, Microsoft Azure

Likelihood to Recommend

I think Microsoft Defender for Endpoint is well suited for a Microsoft Enviornment that has is committed to the WIndows\Office suite of products as it easily integrates and deploys in that type of environment. In a mixed or primarily mac environment it does not have the complete integration that one may want and is hard to deploy through a MAC mdm such as Jamf.

One stop shop for endpoint protection

Overall Satisfaction with Microsoft Defender for Endpoint