Forum Discussion
Does MS Defender with ATP require Intune?
Background:
- Our objective is for all Windows endpoints to have Microsoft Defender with ATP installed.
- Environment has workstations and laptops.
- All workstations and some laptops (specific use case) will not be enrolled in Intune.
- The workstations will be managed through SCCM. The “specific use case laptops” will not have centralized configuration management.
Question:
- Does MS Defender with ATP require Intune?
- If it does not, would this change how the product is managed?
7 Replies
- Floyds_on_Greenwood (Brass Contributor)
Floyds_on_Greenwood We had planned to deploy MS Defender with ATP. However, that offering looks to require M365 E5 licensing? M365 E3 is our desired offering subscription. That could very well prove too costly for folks to absorb with a deployment over a number of users. Does MS have an offering outside of full cost of an M365 E5 subscription, and would deploy Defender with ATP coverage across 300-500 users?
Thanks
- Cymon_Skinner (Copper Contributor)
Floyds_on_Greenwood Microsoft has several step-ups which would prove cheaper than an E5 license. Think the cost is something like;
Defender ATP is £3.27 per user per month
Defender ATP for Server is £3.27 per server per month
looking 250 users, 25 servers
- Floyds_on_Greenwood (Brass Contributor)
- Mark Aldridge (Brass Contributor)
No, you don't require Intune.
Intune is just one of the ways you can onboard devices into Microsoft Defender for Endpoint.
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/onboard-configure
- Cymon_Skinner (Copper Contributor)
I agree this was/is correct with Intune, but does this apply with Endpoint Manager? A lot of configuration/policy is set with Endpoint Manager which hardens the devices - without it, ATP could report more vulnerabilities if in an Azure Active Directory only directory, no?
- Mark Aldridge (Brass Contributor)
I assume you're talking about the Microsoft Defender ATP security baseline that you can deploy from Intune. These are just Microsoft's recommended settings for use with Microsoft Defender for Endpoint, as I understand it. None of these settings actually require a device to be onboarded to Microsoft Defender for Endpoint.
All of the actual Microsoft Defender for Endpoint policies are configured within the Microsoft Defender Security Center portal http://securitycenter.microsoft.com/