Essential solutions

There are currently 10 different solutions with Essentials in their title and many of them have very similar titles, e.g. DNS, Network Session and Network Threat Protection.

Do other firms typically recommend/install all of these?

Does Microsoft consider this to be the recommended "starter set"?

1 Reply

@Dean Gross I can't speak for Microsoft in regard to this.


But best practice, in my experience, is to ingest the Defender feeds first, then shape your Sentinel to a particular architectural model for your environment, i.e. threat-informed defence. This would be based on the capabilities of your SOC or security team.


Ingest only what you require to monitor; otherwise there can typically be big cost blowouts and "bill" shock when ingesting data into Sentinel.