Dec 05 2019 05:39 PM - edited Dec 09 2019 03:50 AM
Has anyone had any experience with swapping out SEP for Defender ATP?
We are looking at deploying Defender ATP as a “minimum viable product” with some of the more aggressive settings enabled in “Audit only” mode - If this is done – then the protection is not in place…?
So do we need to run SEP + Defender ATP in Audit only mode together for a period?
Then turn on Defender ATP policies in enforcement mode + remove SEP?
Has anyone done this in scale anywhere?
We’re assuming that someone has – any potential dramas to be aware of that we should avoid?