Forum Discussion
Intune integration with Kaspersky EDR Optimum: can it replace Defender for Business?
Hi everyone,
I’m currently evaluating the use of Microsoft Intune together with Kaspersky EDR Optimum, and I have a few questions:
Intune natively integrates only with Defender for Business/Endpoint, while I haven’t found any direct connector for Kaspersky EDR Optimum.
Using Kaspersky requires an updated Security Center, plugins, and dedicated policies, while Defender is managed directly through Intune and Microsoft 365.
So, I’d like to know:
What is the real level of integration between Intune and Kaspersky EDR Optimum?
Is it recommended and safe to replace Defender for Business with Kaspersky in an Intune-managed environment?
What are the practical experiences from anyone who has tried this setup, especially regarding visibility, agent deployment, and policy management?
I’d like to understand if going with Kaspersky instead of Defender for Business makes sense, or if management becomes too complicated.
Thanks in advance to anyone who can share their experience.
2 Replies
Hi
In your case, I’m not sure if your current license plan supports Defender or if you are already using Kaspersky EDR Optimum, so I can’t say whether it makes sense for you.
If you already have both, and you understand how Kaspersky works, then it could be feasible.
It is possible to integrate another antivirus agent via Intune, which can be provisioned either during deployment or as a "required" win32 app deployment. In this way, your new AV Endpoint Agent will be installed and become the primary visible security solution, basically replacing Defender as the default antivirus on the system and taking over the role of active endpoint protection.
So far, I haven't integrated Kaspersky as a replacement for Defender, but I have used similar antivirus products that replaced Defender.
Good luck!
As far as I know, there is no integration. But that is true for pretty much all non MS security products. From a setup perspective, you can install Kaspersky agent on Intune manage devices, and have the alerts configured into Defender using a SIEM solution. I cannot comment on the use of Kaspersky itself as I have not worked with it and none of my customers are using it. Everything will come down to your security requirements and the budget for licensing. If you are approaching this purely from an administrative angle, then using Defender for Endpoint integrated with Intune is the way to go.
