What is our primary use case?
I lead a delivery team. I have a team of about 20 technology specialists and we do the deployment for Microsoft Defender.
Instead of having a third-party antivirus, you can have a Microsoft ecosystem for your entire endpoint protection.
What is most valuable?
This solution has its own sensors, which is its best feature. It senses the behavior of your endpoints, whether it is logged in from a particular location or outside of that location.
It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10.
What needs improvement?
Sometimes, there are different SKUs. In a basic SKU, they should have basic log analysis without the need to integrate with any third-party or SIEM solutions, like Sentinel. This would make it so much easier for users who don't have log collection or log analysis.
For how long have I used the solution?
We have been using it for a year.
What do I think about the stability of the solution?
This solution is very stable.
What do I think about the scalability of the solution?
This solution is scalable. It is a cloud solution.
If you have the Microsoft Azure ecosystem, you can collect logs and view them through Sentinel. You can also onboard your devices within Intune.
You can integrate Microsoft Defender for Endpoint with different Microsoft solutions, e.g., Defender for Cloud, Sentinel, Endpoint Manager for onboarding of Intune, and Defender for Office 365.
We have a large number of customers.
How are customer service and support?
Premium support is okay. Professional support is not as good because it is free. You must wait because you are not paying.
How was the initial setup?
The initial setup was straightforward. It was not rocket science. It didn't take much time as we just enrolled the device and assigned the licenses, then it was done.
You just prepare it, doing a license evaluation, licensing, and some network configuration, then you can onboard your device.
What about the implementation team?
We do the implementation ourselves. We find it easy to deploy. We help customers adopt the solution and get better ROI.
What's my experience with pricing, setup cost, and licensing?
They have to pay for the Defender license. There are different licenses and SKUs, such as Plan 1, Plan 2, or the trial.
You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection.
What other advice do I have?
Anyone on Windows 10 Enterprise should choose this solution.
It really depends on the volume. You need one senior architect who can just define the entire thing: the device, network configuration, etc. You will also need some Level 1 engineers who need to keep on monitoring the devices and do onboarding. If they are using the latest version of Windows 10, then you can do the onboarding via Intune, Endpoint, etc.
My rating for this solution is an eight out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner