Avatar of whorsfall
whorsfall
Flag for Australia asked on

Microsoft 365 Business Premium - Advanced threat protection protection

Hi,

I am looking at getting Microsoft 365 Business Premium.

I am comparing this say with McAfee.

As I am thinking of getting rid of McAfee. No issues with McAfee just trying to save some money. I have been able to read about the
features but can't see to find much information on how good the protection is compared with 3rd party antivirus products.

So here are the questions:

1. How good is the Advanced threat protection. Specifically how good is the malware and ransomware protection?

2. Is the AV engine different in to the consumer Windows 10 Defender?

3. Do they get AV updates more often then consumer.

4. Will Microsoft support (I guess it is Office 365 support really) help me clean up a virus or get a patch if I get into trouble.
   I am guess so since I am would be using the business product.

Oh and to cover off something in case it is asked I already have my email hosted by Microsoft 365 Business Basic and Microsoft Office home.
So they host my email already under Office 365.

Thanks,

Ward.

MicrosoftMicrosoft 365RansomwareSecurity

Avatar of undefined
Last Comment
Jian An Lim

8/22/2022 - Mon
Jian An Lim

if you are talking about McAfee  as the AV sitting on your laptop, the Microsoft 365 business premium's ATP only applies to the email space

If you have windows 10, then defender is the way to go.

Now, is Windows Defender good at malware and ransomware? so far I have moved away from any customise AV.
Unless you have XDR requirement, then you must have Windows Defender ATP, but crowdstike, carbon black and etc folks are still "strong"

Looking at yours, you probably don't have such then you are good to go.

Microsoft business premium ATP are design for email space, mainly in safe link and safe attachment.
It is always good to turn it on if you don't have any other protection.



whorsfall

ASKER
Hi Jian,

Thanks for your answer that was great.

One thing is I know people who use SCCM and other solutions seem to use the built in defender
but the 3rd party av industry is large - and I don't here the corporates complaining. So the
mismatch for business and consumer is interesting.

But anyway a few other questions if I may.

1. What are your thoughts on Microsoft Defender for Endpoint?

2. And if you are familiar with Microsoft Defender for Endpoint. I can see that is has some
better reporting and telemetry but is the detection and repair engine any better then consumer defender?

3. Does defender for Endpoint likely to get definition updates more often then consumer?

4. Will Microsoft help me with malware clean-up / sample submission like the 3rd party
AV vendors can do?

Thanks again,

Ward






Jian An Lim

1. What are your thoughts on Microsoft Defender for Endpoint?
is a good product to have for windows only (some say linux but there is a gap) but it only available on Microsoft E5, or buy separately.
Don't mix Defender for endpoint with Windows defender. Defender for endpoint built on top (add additional features) of Windows defender. so it is not a replcaement

2. And if you are familiar with Microsoft Defender for Endpoint. I can see that is has some
better reporting and telemetry but is the detection and repair engine any better then consumer defender?
Defender for endpoint has better reporting telemetry on the windows side. like ASR, next gen firewall,collecting logs from device and stored centrally for hunting purpose etc, it also have a vulnerability tracking etc.

3. Does defender for Endpoint likely to get definition updates more often then consumer?
As referred, it is not a replacement, the definition is the same.
Microsoft releases a new definition every 2 hours.


4. Will Microsoft help me with malware clean-up/sample submission like the 3rd party
AV vendors can do?
Microsoft has a Windows Malicious Software Removal Tool x64 - v5.94 (KB890830)
but do you really do submission?
you can do auto submit but i never manually do so

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide

 
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
whorsfall

ASKER
Hi Jian,

Hmm. Looks like the standard built in one is much better then I expected. I only really need Windows.

I did see it was with E5 but could not find it separately do u have a link to the seperate SKU?
 
Thanks for the great info.

Ward
ASKER CERTIFIED SOLUTION
Jian An Lim

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question