cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Newbie question about IPS

Bozzie-UK67
Copper Contributor

‎Aug 20 2021 02:59 AM

‎Aug 20 2021 02:59 AM

Newbie question about IPS

Hi I am looking at Microsoft Defender for Endpoint but cannot find anything that actually says that it provides IPS or IDS protection.

 

Plus is it also possible to run this system in an on-Prem only mode which is isolated with no internet access?

 

Thanks 

8,350 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by Bozzie-UK67 (Copper Contributor)
Jayronn

‎Aug 23 2021 03:35 PM

‎Aug 23 2021 03:35 PM

Solution

Re: Newbie question about IPS

Hi @Bozzie-UK67,

 

Our attack surface reduction rules are the foundation of our host intrusion and prevention system (HIPS).

This blog may provide more insight: What’s new in Windows Defender ATP | Microsoft Security Blog as well as our public documentation: Migrating from a third-party HIPS to ASR rules | Microsoft Docs. This reference is specifically for prerequisites and troubleshooting ASR rules: Troubleshoot problems with Network protection | Microsoft Docs

 

To answer your last question about running on on-prem with no internet access, most ASR rules require Cloud protection to be enabled. 
 

Please let me know if this helps answer your question.

0 Likes
Reply
Bozzie-UK67

‎Aug 23 2021 10:27 PM

‎Aug 23 2021 10:27 PM

Re: Newbie question about IPS

HI@Jayronn 

 

Thanks for coming back to me. I saw the write up's and the cloud based solution parts but surely I thought or assumed that there may be a solution available that is standalone with no internet access. Obviously i was wrong.

As this would be for a secure standalone network this solution is not an option so will have to stick with McAfee.

Alas not everything can have access to the internet.

 

Thanks again for your reply.

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Bozzie-UK67 (Copper Contributor)
Jayronn

‎Aug 23 2021 03:35 PM

‎Aug 23 2021 03:35 PM

Solution

Re: Newbie question about IPS

Hi @Bozzie-UK67,

 

Our attack surface reduction rules are the foundation of our host intrusion and prevention system (HIPS).

This blog may provide more insight: What’s new in Windows Defender ATP | Microsoft Security Blog as well as our public documentation: Migrating from a third-party HIPS to ASR rules | Microsoft Docs. This reference is specifically for prerequisites and troubleshooting ASR rules: Troubleshoot problems with Network protection | Microsoft Docs

 

To answer your last question about running on on-prem with no internet access, most ASR rules require Cloud protection to be enabled. 
 

Please let me know if this helps answer your question.

View solution in original post

0 Likes
Reply