cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

new to defender for endpoint

Bepees
Copper Contributor

‎Sep 25 2023 07:03 AM - edited ‎Oct 02 2023 01:50 AM

‎Sep 25 2023 07:03 AM - edited ‎Oct 02 2023 01:50 AM

new to defender for endpoint

Hello everyone.

I am looking to start using defender for endpoint for our business. I find it all a bitt fuzzy and im therefore looking for help.

 

we have a local ad with about 40 devices. We use microsoft 365 E3-E5 and and some f3 licenses.

What is the best way to get it up and running?

We do not have ad connect set up yet. Do we need that in order to onboard devices?

 

Is there any good step by step instructions on how to set both ad connect and defender available?

 

Best regards

Stefan

 

 

edit:
Thank to you who responded. It gave me new insights.

I finally decided to renew my eset license instead as it is much easier to administer.

One installation file with the license token and you are good to go.
In order for me to be able to use endpoint i'd have to enroll azure ad connect and then figure out how to further deploy it to my endpoints. Eset made it so much easier with just one .exe file to run on each computer.

 

 

356 Views
0 Likes
3 Replies
Reply
3 Replies
eliekarkafy

‎Sep 25 2023 07:48 AM

‎Sep 25 2023 07:48 AM

Re: new to defender for endpoint

@Bepees Hello only your E5 licenses includes the MDE features. MDE Have 2 plans and you can choose one of the plans depending on your needs from the security capabilities that MDE presents. 

 

since you're a SMB Company, I suggest you go with defender with Business suitable for the companies that have 300 users and less. 

 

if your devices are joined to the local domain than you need to install and configure Entra connect and enable hybrid ad join and sync your devices to the cloud. if your device are joined to Entra only than Entra connect is not needed.

 

the comparison between MDE and MDB as the below link 

Compare security features in Microsoft 365 plans for small and medium-sized businesses | Microsoft L...

 

to install and configure MDB as the below link. 

Set up and configure Microsoft Defender for Business | Microsoft Learn

 

to install and configure Entra connect as the below link 

Microsoft Entra Connect and Microsoft Entra Connect Health installation roadmap. - Microsoft Entra |...

 

to configure hybrid ad join 

Configure Microsoft Entra hybrid join - Microsoft Entra | Microsoft Learn

0 Likes
Reply
rahuljindal-MVP

‎Sep 25 2023 08:10 AM

‎Sep 25 2023 08:10 AM

Re: new to defender for endpoint

There are lot of licensing options when it comes to Defender for Endpoint. E3 will give you MDE plan 1 which doesn't cover advanced Defender capabilities like EDR, AIR etc. MDE plan 2 will cover these as part of E5. I will suggest to speak to a licensing expert\partner to get your sorted.

As for the implementation, if your devices are domain joined, then at a minimum, you will need to configure the AAD connect and sync the relevant attributes. You can avoid the need for doing a full HAADJ and utilize security configuration settings in Defender to onboard and manage the devices for MDE policies, but I will recommend to HAADJ and enroll & manage devices using Intune.
0 Likes
Reply
Bepees

‎Sep 25 2023 08:23 AM

‎Sep 25 2023 08:23 AM

Re: new to defender for endpoint

@eliekarkafy and @rahuljindal-MVP Hi. Thanks for your replies.
So connecting the on prem ad to azure is required.
Yes i am going to talk to an licensing expert later on because we need to sort some things out, like replacing f3 with better suited licenses.
Main goal right now is to get started with MDE and replace ESET which we use today.
1 Like
Reply