Forum Discussion
ATP > What do I need? Windows defender/Office365
I was interested in this as well, so I had a look, this is what I found (Long answer) -
Windows Defender Advanced Threat Protection (ATP) uses the built-in Windows Defender Antivirus, which can be used as the primary antimalware product on your endpoints. In fact, Microsoft says they work https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibilityr. If using a third-party antimalware client like ESET, Windows Defender Antivirus on that endpoint will enter into passive mode.
So you could already replace ESET with Windows Defender, now part of https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus, if you feel it offers suitable protection. Windows Defender ATP is completely optional and you would have weigh up the value of its breach detection, remediation and response features in your environment and with the costs involved of Windows 10 Enterprise E5/Education E5 or Secure Productive Enterprise E5. I'd start with a demo or trial and better understand its features perhaps.
Office 365 ATP is https://products.office.com/en-us/exchange/online-email-threat-protection that goes far beyond what the built-in Exchange Online Protection provides.
Also, there is https://support.office.com/en-gb/article/Overview-of-Advanced-Security-Management-in-Office-365-81f0ee9a-9645-45ab-ba56-de9cbccab475, which is another thing to look into. Both this and Office 365 ATP are included in https://support.office.com/en-gb/article/Office-365-Enterprise-E5-overview-and-documentation-f7407faa-6bcb-4f23-9056-7aba50d6942f. Have a look at this presentation if you get a chance - https://channel9.msdn.com/Events/Ignite/Australia-2017/PROD334.
So the short answer is it depends! It up to you to decide what is suitable and whether your security stance is strong enough and budget, of course, is a factor. Perhaps have a look at Office 365 Secure Score first and see if there are improvements you could make already to bolster your security posture. Hope that helps a bit anyway.
I was interested in this as well, so I had a look, this is what I found (Long answer) -
Windows Defender Advanced Threat Protection (ATP) uses the built-in Windows Defender Antivirus, which can be used as the primary antimalware product on your endpoints. In fact, Microsoft says they work https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibilityr. If using a third-party antimalware client like ESET, Windows Defender Antivirus on that endpoint will enter into passive mode.
So you could already replace ESET with Windows Defender, now part of https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus, if you feel it offers suitable protection. Windows Defender ATP is completely optional and you would have weigh up the value of its breach detection, remediation and response features in your environment and with the costs involved of Windows 10 Enterprise E5/Education E5 or Secure Productive Enterprise E5. I'd start with a demo or trial and better understand its features perhaps.
Office 365 ATP is https://products.office.com/en-us/exchange/online-email-threat-protection that goes far beyond what the built-in Exchange Online Protection provides.
Also, there is https://support.office.com/en-gb/article/Overview-of-Advanced-Security-Management-in-Office-365-81f0ee9a-9645-45ab-ba56-de9cbccab475, which is another thing to look into. Both this and Office 365 ATP are included in https://support.office.com/en-gb/article/Office-365-Enterprise-E5-overview-and-documentation-f7407faa-6bcb-4f23-9056-7aba50d6942f. Have a look at this presentation if you get a chance - https://channel9.msdn.com/Events/Ignite/Australia-2017/PROD334.
So the short answer is it depends! It up to you to decide what is suitable and whether your security stance is strong enough and budget, of course, is a factor. Perhaps have a look at Office 365 Secure Score first and see if there are improvements you could make already to bolster your security posture. Hope that helps a bit anyway.
Cian Allner That clears things up, a lot!!
Thanks
Anyone know if this is already available: https://blogs.office.com/en-us/2016/09/26/applying-intelligence-to-security-and-compliance-in-office-365/?
ATP in ShaerePoint/Onedrive/Office