SOLVED

ATP > What do I need? Windows defender/Office365

%3CLINGO-SUB%20id%3D%22lingo-sub-82729%22%20slang%3D%22en-US%22%3EATP%20%26gt%3B%20What%20do%20I%20need%3F%20Windows%20defender%2FOffice365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-82729%22%20slang%3D%22en-US%22%3E%3CP%3EOur%20users%20have%20Windows10%20and%20Office365%20(E3)%20and%20ESET%20ativirus.%20In%20order%20to%20give%20them%20the%20best%20protection.%20What%20do%20I%20need%3F%3C%2FP%3E%3CP%3E1.%20Windows%20defender%20ATP%3F%3C%2FP%3E%3CP%3E2.%20Office365%20ATP%3C%2FP%3E%3CP%3E3.%20Both%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20I%20still%20need%20ESET%3F%20Or%20will%20Defender%20and%20ATP%20be%20enough%3F%3C%2FP%3E%3CP%3EI%20cannot%20figure%20it%20out.%20What%20is%20exactly%20the%20difference%20betweem%20them%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2C%20Mike%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-84755%22%20slang%3D%22en-US%22%3ERe%3A%20ATP%20%26gt%3B%20What%20do%20I%20need%3F%20Windows%20defender%2FOffice365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-84755%22%20slang%3D%22en-US%22%3EThank%20you%20for%20the%20extensive%20answer%2C%20this%20made%20some%20things%20very%20clear%20to%20me%20aswell%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-84658%22%20slang%3D%22en-US%22%3ERe%3A%20ATP%20%26gt%3B%20What%20do%20I%20need%3F%20Windows%20defender%2FOffice365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-84658%22%20slang%3D%22en-US%22%3E%3CP%3EAnyone%20know%20if%20this%20is%20already%20available%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fblogs.office.com%2Fen-us%2F2016%2F09%2F26%2Fapplying-intelligence-to-security-and-compliance-in-office-365%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.office.com%2Fen-us%2F2016%2F09%2F26%2Fapplying-intelligence-to-security-and-compliance-in-office-365%2F%3C%2FA%3E%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EATP%20in%20ShaerePoint%2FOnedrive%2FOffice%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-83519%22%20slang%3D%22en-US%22%3ERe%3A%20ATP%20%26gt%3B%20What%20do%20I%20need%3F%20Windows%20defender%2FOffice365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-83519%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F2395%22%20target%3D%22_blank%22%3E%40Cian%20Allner%3C%2FA%3E%26nbsp%3BThat%20clears%20things%20up%2C%20a%20lot!!%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-83508%22%20slang%3D%22en-US%22%3ERe%3A%20ATP%20%26gt%3B%20What%20do%20I%20need%3F%20Windows%20defender%2FOffice365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-83508%22%20slang%3D%22en-US%22%3E%3CP%3EI%20was%20interested%20in%20this%20as%20well%2C%20so%20I%20had%20a%20look%2C%20this%20is%20what%20I%20found%20(Long%20answer)%20-%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWindows%20Defender%20Advanced%20Threat%20Protection%20(ATP)%20uses%20the%20built-in%26nbsp%3BWindows%20Defender%20Antivirus%2C%20which%20can%20be%20used%20%3CSPAN%3Eas%20the%20primary%20antimalware%20product%20on%20your%20endpoints.%20%26nbsp%3BI%3C%2FSPAN%3En%20fact%2C%20Microsoft%20says%20they%20work%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fthreat-protection%2Fwindows-defender-antivirus%2Fwindows-defender-antivirus-compatibility%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ebetter%20togethe%3C%2FA%3Er.%20%26nbsp%3BIf%20using%20a%20third-party%20antimalware%20client%20like%26nbsp%3BESET%2C%20Windows%20Defender%20Antivirus%20on%20that%20endpoint%20will%20enter%20into%20passive%20mode.%20%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20you%20could%20already%20replace%20ESET%20with%20Windows%20Defender%2C%20now%20part%20of%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fthreat-protection%2Fwindows-defender-antivirus%2Fwindows-defender-security-center-antivirus%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EWindows%20Defender%20Security%20Center%20app%3C%2FA%3E%2C%26nbsp%3Bif%20you%20feel%20it%20offers%20suitable%26nbsp%3Bprotection.%20%26nbsp%3BWindows%20Defender%20ATP%20is%20completely%20optional%20and%20you%20would%20have%20weigh%20up%20the%20value%20of%20its%20breach%20detection%2C%20remediation%20and%20response%20features%26nbsp%3Bin%20your%20environment%20and%20with%20the%20costs%20involved%20of%26nbsp%3BWindows%2010%20Enterprise%20E5%2FEducation%20E5%20or%26nbsp%3BSecure%20Productive%20Enterprise%20E5.%20%26nbsp%3BI'd%20start%20with%20a%20demo%20or%20trial%20and%20better%20understand%20its%20features%20perhaps.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOffice%20365%20ATP%20is%20%3CA%20href%3D%22https%3A%2F%2Fproducts.office.com%2Fen-us%2Fexchange%2Fonline-email-threat-protection%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Eadvanced%20email%20protection%3C%2FA%3Ethat%20goes%20far%20beyond%20what%20the%20built-in%20Exchange%20Online%20Protection%20provides.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlso%2C%20there%20is%20%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-gb%2Farticle%2FOverview-of-Advanced-Security-Management-in-Office-365-81f0ee9a-9645-45ab-ba56-de9cbccab475%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EAdvanced%20Security%20Management%20in%20Office%20365%3C%2FA%3E%2C%20which%20is%20another%20thing%20to%20look%20into.%20Both%20this%20and%20Office%20365%20ATP%20are%20included%20in%20%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-gb%2Farticle%2FOffice-365-Enterprise-E5-overview-and-documentation-f7407faa-6bcb-4f23-9056-7aba50d6942f%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EOffice%20365%20E5%3C%2FA%3E.%20%26nbsp%3BHave%20a%20look%20at%20this%20presentation%20if%20you%20get%20a%20chance%20%26nbsp%3B-%20%3CA%20href%3D%22https%3A%2F%2Fchannel9.msdn.com%2FEvents%2FIgnite%2FAustralia-2017%2FPROD334%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EDeep%20Dive%20-%20Office%20365%20E5%20Security%20Capabilities%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20the%20short%20answer%26nbsp%3Bis%20it%20depends!%20It%20up%20to%20you%20to%20decide%20what%20is%20suitable%20and%20whether%20your%20security%20stance%20is%20strong%20enough%20and%20budget%2C%20of%20course%2C%20is%20a%20factor.%20%26nbsp%3BPerhaps%20have%20a%20look%20at%20Office%20365%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FOffice-365%2FWhat-is-Office-365-Secure-Score%2Fm-p%2F61772%22%20target%3D%22_self%22%3ESecure%20Score%3C%2FA%3Efirst%20and%20see%20if%20there%20are%26nbsp%3Bimprovements%20you%20could%26nbsp%3Bmake%20already%20to%20bolster%20your%20security%20posture.%20Hope%20that%20helps%20a%20bit%20anyway.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Regular Contributor

Our users have Windows10 and Office365 (E3) and ESET ativirus. In order to give them the best protection. What do I need?

1. Windows defender ATP?

2. Office365 ATP

3. Both?

 

Do I still need ESET? Or will Defender and ATP be enough?

I cannot figure it out. What is exactly the difference betweem them?

 

Thanks, Mike

4 Replies
Best Response confirmed by Mike Jansen (Regular Contributor)
Solution

I was interested in this as well, so I had a look, this is what I found (Long answer) -

 

Windows Defender Advanced Threat Protection (ATP) uses the built-in Windows Defender Antivirus, which can be used as the primary antimalware product on your endpoints.  In fact, Microsoft says they work better together.  If using a third-party antimalware client like ESET, Windows Defender Antivirus on that endpoint will enter into passive mode.  

 

So you could already replace ESET with Windows Defender, now part of Windows Defender Security Center app, if you feel it offers suitable protection.  Windows Defender ATP is completely optional and you would have weigh up the value of its breach detection, remediation and response features in your environment and with the costs involved of Windows 10 Enterprise E5/Education E5 or Secure Productive Enterprise E5.  I'd start with a demo or trial and better understand its features perhaps.

 

Office 365 ATP is advanced email protection that goes far beyond what the built-in Exchange Online Protection provides.

 

Also, there is Advanced Security Management in Office 365, which is another thing to look into. Both this and Office 365 ATP are included in Office 365 E5.  Have a look at this presentation if you get a chance  - Deep Dive - Office 365 E5 Security Capabilities.

 

So the short answer is it depends! It up to you to decide what is suitable and whether your security stance is strong enough and budget, of course, is a factor.  Perhaps have a look at Office 365 Secure Score first and see if there are improvements you could make already to bolster your security posture. Hope that helps a bit anyway.

@Cian Allner That clears things up, a lot!!

Thanks

Anyone know if this is already available: https://blogs.office.com/en-us/2016/09/26/applying-intelligence-to-security-and-compliance-in-office...?

 

ATP in ShaerePoint/Onedrive/Office

Thank you for the extensive answer, this made some things very clear to me aswell