Microsoft 365 Business Premium - Advanced threat protection protection
Hi,
I am looking at getting Microsoft 365 Business Premium.
I am comparing this say with McAfee.
As I am thinking of getting rid of McAfee. No issues with McAfee just trying to save some money. I have been able to read about the
features but can't see to find much information on how good the protection is compared with 3rd party antivirus products.
So here are the questions:
1. How good is the Advanced threat protection. Specifically how good is the malware and ransomware protection?
2. Is the AV engine different in to the consumer Windows 10 Defender?
3. Do they get AV updates more often then consumer.
4. Will Microsoft support (I guess it is Office 365 support really) help me clean up a virus or get a patch if I get into trouble.
I am guess so since I am would be using the business product.
Oh and to cover off something in case it is asked I already have my email hosted by Microsoft 365 Business Basic and Microsoft Office home.
So they host my email already under Office 365.
Thanks,
Ward.
ASKER
Thanks for your answer that was great.
One thing is I know people who use SCCM and other solutions seem to use the built in defender
but the 3rd party av industry is large - and I don't here the corporates complaining. So the
mismatch for business and consumer is interesting.
But anyway a few other questions if I may.
1. What are your thoughts on Microsoft Defender for Endpoint?
2. And if you are familiar with Microsoft Defender for Endpoint. I can see that is has some
better reporting and telemetry but is the detection and repair engine any better then consumer defender?
3. Does defender for Endpoint likely to get definition updates more often then consumer?
4. Will Microsoft help me with malware clean-up / sample submission like the 3rd party
AV vendors can do?
Thanks again,
Ward
is a good product to have for windows only (some say linux but there is a gap) but it only available on Microsoft E5, or buy separately.
Don't mix Defender for endpoint with Windows defender. Defender for endpoint built on top (add additional features) of Windows defender. so it is not a replcaement
2. And if you are familiar with Microsoft Defender for Endpoint. I can see that is has some
better reporting and telemetry but is the detection and repair engine any better then consumer defender?
Defender for endpoint has better reporting telemetry on the windows side. like ASR, next gen firewall,collecting logs from device and stored centrally for hunting purpose etc, it also have a vulnerability tracking etc.
3. Does defender for Endpoint likely to get definition updates more often then consumer?
As referred, it is not a replacement, the definition is the same.
Microsoft releases a new definition every 2 hours.
4. Will Microsoft help me with malware clean-up/sample submission like the 3rd party
AV vendors can do?
Microsoft has a Windows Malicious Software Removal Tool x64 - v5.94 (KB890830)
but do you really do submission?
you can do auto submit but i never manually do so
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide
ASKER
Hmm. Looks like the standard built in one is much better then I expected. I only really need Windows.
I did see it was with E5 but could not find it separately do u have a link to the seperate SKU?
Thanks for the great info.
Ward
If you have windows 10, then defender is the way to go.
Now, is Windows Defender good at malware and ransomware? so far I have moved away from any customise AV.
Unless you have XDR requirement, then you must have Windows Defender ATP, but crowdstike, carbon black and etc folks are still "strong"
Looking at yours, you probably don't have such then you are good to go.
Microsoft business premium ATP are design for email space, mainly in safe link and safe attachment.
It is always good to turn it on if you don't have any other protection.