Aug 20 2021 02:59 AM
Hi I am looking at Microsoft Defender for Endpoint but cannot find anything that actually says that it provides IPS or IDS protection.
Plus is it also possible to run this system in an on-Prem only mode which is isolated with no internet access?
Thanks
Aug 23 2021 03:35 PM
SolutionHi @Bozzie-UK67,
Our attack surface reduction rules are the foundation of our host intrusion and prevention system (HIPS).
This blog may provide more insight: What’s new in Windows Defender ATP | Microsoft Security Blog as well as our public documentation: Migrating from a third-party HIPS to ASR rules | Microsoft Docs. This reference is specifically for prerequisites and troubleshooting ASR rules: Troubleshoot problems with Network protection | Microsoft Docs
Please let me know if this helps answer your question.
Aug 23 2021 10:27 PM
HI@Jayronn
Thanks for coming back to me. I saw the write up's and the cloud based solution parts but surely I thought or assumed that there may be a solution available that is standalone with no internet access. Obviously i was wrong.
As this would be for a secure standalone network this solution is not an option so will have to stick with McAfee.
Alas not everything can have access to the internet.
Thanks again for your reply.
Aug 23 2021 03:35 PM
SolutionHi @Bozzie-UK67,
Our attack surface reduction rules are the foundation of our host intrusion and prevention system (HIPS).
This blog may provide more insight: What’s new in Windows Defender ATP | Microsoft Security Blog as well as our public documentation: Migrating from a third-party HIPS to ASR rules | Microsoft Docs. This reference is specifically for prerequisites and troubleshooting ASR rules: Troubleshoot problems with Network protection | Microsoft Docs
Please let me know if this helps answer your question.