Jun 10 2022 01:00 AM
Defender for Endpoint P1 part of E3 has the following features @https://techcommunity.microsoft.com/t5/image/serverpage/image-id/339321i24826981F01F7385/image-dimen...
My questions are
- if we have E3 licenses we access to security.microsoft.com but according to the above P1 features we are NOT allowed to use the TVM dashboard/security recommendations/weakness etc?
- we are not allowed to enable EDR in block mode?
- the default in DFE is 'full automated remediation and repsonse' so do we have to create a device group and set AIR to not configured?
- which settings in 'settings' are we not allowed to enable as per P1 license?
- are we allowed to use the MEM/Intune Security Baseline for Defender for Endpoint for our clients cause some settings in this baseline are not P1?
I'm totally confused cause we have access to all these features in DFE but are we allowed and how to use or not use there non P1 features.
Jun 10 2022 03:42 AM
Jun 12 2022 12:15 AM - edited Jun 12 2022 12:16 AM
@AnuragSrivastava
Thank for you answers but van you clarrify a bit more please?
-so we are not allowed to open and use the TVM dashboard at all not even look into it?
-EDR is not allowed so we can not set it in block mode? Side question, if we set it in block mode will it even work with a P1 license?
-AIR is default Enabled in Full mode , does this mean we have to disable/Not configured mode for the Default Device Group?
-What happens with settings in Security Baseline policy that are under the P2 flag? Will they be applied and just work or not applied?
-