Forum Discussion

Labsy007's avatar
Labsy007
Copper Contributor
Dec 09, 2024

Deploying Defender for Business without o365 accounts

Hi,

I have few SMB customers, who due to nature of their buiness do not want/need o365 accounts. Beside, their company policy does not allow them to store any business data in clouds abroad. However, they all have their local AD domain and Windows-only environment.

Now, I would like to setup Defender for Business + Huntress MDR as a good and affordable threat protection combo, but here my questions begin. Please, shed some light on this:

  1. Does Defender for Business actually need endpoint users to be actually signed-in into their o365 accounts for full protection to work properly? What if they aren't - would full protection still be in place, or would Defender for business functionality drop down to basic antivirus, like regular Defender?
  2. Is Defender for Business in my case really so complicated and hard to install and setup? I've read some instructions and there is a ton of documentation, Ps scripts and tools, like Intune and such and despite being 40+ years in computer engineering, I got lost. Mostly because I do not use a ton of Microsoft products daily.
  3. Does Defender for Business have some easy to manage Cloud management tool, where I would see and manage all installed Defenders for Business? Or must I learn those Intunes, Azure, o365 Security and Defender portals, which are total overkill for those SMB which I manage?

Thank you!

microsoft defender for endpoint

1 Reply

  • MarPas's avatar
    MarPas
    Brass Contributor
    Dec 21, 2024

    Actually, when you say, "their company policy does not allow them to store any business data in clouds abroad" you should be more specific because this could potentially exclude all solutions with cloud-based management, not just Defender.

    That said, it is not strictly necessary for users to log into their O365 accounts for Defender for Business to work. However, doing so could bring significant advantages.

    Some detail to license:

    • Each user license allows you to register up to 5 devices.
    • The solution has a limit of 300 users, as it is designed for SMBs.

     

    For deployment in fully on-premises environments, you can use:

    • https://learn.microsoft.com/en-us/defender-endpoint/configure-endpoints-script
    • https://learn.microsoft.com/en-us/defender-endpoint/configure-endpoints-gp
    • https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/defender-advanced-threat-protection?redirectedfrom=MSDN#bkmk_2207

    Defender for Business offers a highly comprehensive cloud-based management tool packed with information and features, accessible via the Microsoft 365 Defender portal: https://security.microsoft.com.

    Through this portal, you can:

    • Monitor threats and alerts across all enrolled devices.
    • Configure protection policies like attack surface reduction (ASR) rules, web filtering, and more.
    • Access detailed threat analytics and reporting to improve security posture.
    • Even for small and medium-sized businesses, this portal provides a centralized and user-friendly way to manage endpoint security effectively.

    Even though it's not recent, I recommend watching this https://youtu.be/umhUNzMqZto?si=JhWScQBzfJsA34A-.

    It provides valuable insights and can help clarify several aspects of using and managing Microsoft Defender for Business.