cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MDATP Apps Blocking (Passive mode)

Mdrafik-Shaikh
Brass Contributor

‎Jan 14 2021 03:52 AM

‎Jan 14 2021 03:52 AM

MDATP Apps Blocking (Passive mode)

Dear community,

 

Currently we are using Trend Micro as primary antivirus and MS Defender is in passive mode.

We have requirement to block unsanctioned applications using MDATP and we know integration part of MCAS.

We want to know, does it work in passive mode or we need to uninstall any third-party antivirus. 

 

Article:- https://docs.microsoft.com/en-us/cloud-app-security/mde-integration#prerequisites

2,856 Views
0 Likes
5 Replies
Reply
5 Replies
BemmelenPatrick

‎Jan 14 2021 01:43 PM

‎Jan 14 2021 01:43 PM

Re: MDATP Apps Blocking (Passive mode)

Hi Mdrafik,

The answer on this one isn't that hard actually, what Defender for Endpoint and MCAS actually do is using the Network Protection feature to block access to the unsanctioned apps.

So what this means is that you will need to look at the prerequisites for Network Protection found here:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/network-p...

As it states in this article, the Microsoft Defender AV real-time protection and cloud-delivered protection must be enabled in order for Network Protection to function.
So the answer is yes, you will need to enable Defender for Endpoint to use the unsanctioned app feature.
0 Likes
Reply
Mdrafik-Shaikh

‎Feb 10 2021 08:37 AM

‎Feb 10 2021 08:37 AM

Re: MDATP Apps Blocking (Passive mode)

@BemmelenPatrick  If we are enabling Real time protection means Microsoft Defender act as Active mode.

We are looking in Passive mode.

0 Likes
Reply
Mdrafik-Shaikh

‎Feb 10 2021 08:38 AM

‎Feb 10 2021 08:38 AM

Re: MDATP Apps Blocking (Passive mode)

It is working fine for Microsoft Edge in Passive mode. only concern is with third party browsers
0 Likes
Reply
BemmelenPatrick

‎Feb 10 2021 11:05 AM

‎Feb 10 2021 11:05 AM

Re: MDATP Apps Blocking (Passive mode)

As far as I know Edge uses Smartscreen to apply Network Protection while other browsers are "protected" using the Network Protection feature, the same principal goes for the Web Protection feature which is currently in preview.
This might declare why blocking the unsanctioned apps does work at the moment.
0 Likes
Reply
Mdrafik-Shaikh

‎Feb 11 2021 03:32 AM

‎Feb 11 2021 03:32 AM

Re: MDATP Apps Blocking (Passive mode)

@BemmelenPatrick Thanks for your reply.

we will wait and see, because as a customer point of view, everyone is looking single solution with all the features.

 

0 Likes
Reply