We’ve been using the Business Premium licence for years, but I’ve only just discovered that Microsoft Defender was added into the Business Premium licence a while back.
So am I correct in thinking I could potentially get rid of my third party endpoint protection now and replace it with Microsoft Defender.
Do I need to do any config or set any policies in the Defender or Endpoint Admin portals, or install any clients on the endpoints?
Many thanks.
Answer from mb13977 on community.spiceworks.comVideos
What is Microsoft 365 Business Premium?
Business Premium is an integrated solution that brings together best-in-class productivity tools, security, and device management capabilities for small to medium-sized businesses. It's a comprehensive, cloud-based security solution that enables you to defend your business against advanced threats with sophisticated phishing and ransomware protection. Business Premium helps you safeguard your data, devices, and information.
Business Premium is fully integrated with Microsoft 365 Apps to provide you with a familiar location for administration, billing, and 24x7 support. It consists of enterprise-grade technology built for businesses with fewer than 300 users.
What's the difference between Microsoft 365 Business Standard, Microsoft 365 Business Premium, and Microsoft 365 Enterprise?
Microsoft has productivity and security management offerings that bring increasingly powerful features and functionality to small to medium-sized businesses:
Microsoft 365 Business Standard includes the apps and services that businesses need for remote work and collaboration. It includes Microsoft Teams, secure cloud storage, business email, and premium Office applications across devices.
Microsoft 365 Business Premium is a comprehensive cloud productivity and security solution that's designed and built for small and medium-sized businesses (1-300 users). Microsoft 365 Business Premium includes everything in Microsoft 365 Business Standard, plus the following security products:
- Microsoft Defender for Business
- Microsoft Defender for Office 365 Plan 1.
You get more cybersecurity and productivity capabilities, including advanced security protection, next-generation protection, endpoint detection and response, and threat & vulnerability management.
Microsoft 365 Enterprise is a complete, intelligent solution that empowers everyone to be creative and work together securely. Microsoft 365 for enterprise is designed for large organizations, but it's also available to small to medium-sized businesses who need the most advanced security and productivity capabilities.
For more information, see:
- Microsoft 365 User Subscription Suites for Small and Medium-sized Businesses
- Microsoft 365 for enterprise overview
How can I get Microsoft 365 Business Premium for my business?
You can purchase Business Premium using either of the following methods:
- Through a Microsoft Partner.
- Directly from Microsoft.
How you purchase Business Premium depends on your IT staff capability and whether you want to manage your own IT infrastructure. A Microsoft Partner can help you deploy and manage your IT infrastructure, including Microsoft solutions.
Hi all,
A Microsoft partner has just told me the following;
As Microsoft have just gone through a big name change for their security products I wanted to make sure you were in the loop and understood their latest offerings.
- Microsoft Defender For Endpoint – (If it is just Endpoint Protection you need then this is ideal).
- Microsoft Defender for Office 365 (Plan 1) (This is appropriate if you require email protection for spam, phishing email and malicious content & Endpoint)
- Microsoft Defender for Office 365 (Plan 2) (This is appropriate if you require Endpoint, Email Protection & Threat analytics & Attack Simulator)
As discussed on the call the top product is included within your M365 Business Premium License as well as ATP for email security.
Whereas the Microsoft website suggests
Can Microsoft 365 Business Premium customers use Microsoft Defender for Endpoint?
Yes, Microsoft Defender for Endpoint is available as an add-on to Microsoft 365 Business Premium when purchased from a Microsoft Cloud Solution Provider.
Who is right?
We’ve been using the Business Premium licence for years, but I’ve only just discovered that Microsoft Defender was added into the Business Premium licence a while back.
So am I correct in thinking I could potentially get rid of my third party endpoint protection now and replace it with Microsoft Defender.
Do I need to do any config or set any policies in the Defender or Endpoint Admin portals, or install any clients on the endpoints?
Many thanks.
In my experience there is a separate Endpoint portal and you have to run an onboarding script on the endpoint for it to show up in the portal. This script is only a couple of lines and you should be able to push is out with something like PDQ Deploy.
Hi @Israt Jahan Tulin
Thank you for posting this in Microsoft Q&A.
What is the difference between Microsoft Defender for Business and Defender for Endpoint?
Microsoft Defender for Business is designed for small and medium-sized businesses with up to 300 users. With this endpoint security solution, your company's devices are better protected from ransomware, malware, phishing, and other threats.
Microsoft Defender for Endpoint caters to larger enterprises with more than 300 employees and is included in Microsoft 365 enterprise plans. It offers two plans, P1 and P2, with the latter encompassing all the capabilities of Defender for Business plus additional features such as:
Threat Hunting & Data Retention: Enables proactive threat hunting with advanced tools and extended data retention.
Microsoft Threat Experts: Offers expert-level monitoring and analysis to detect and respond to critical threats effectively.
Is Defender for Endpoint included in Defender for Business?
Defender for Endpoint is not included in Defender for Business, but it can be purchased as a separate product.
Is there any limitation for in Defender for Business?
There are some limitations to Defender for Business, such as it is designed for small and medium-sized businesses who have up to 300 users. If you have more than 300 users, consider an enterprise solution, such as Defender for Endpoint, Microsoft Defender XDR, Microsoft 365 for enterprise and limited support for macOS and Linux devices. You can onboard and secure up to five client devices per user license.
Aside from Defender for Endpoint, what extra features are included in Defender for Business
In addition to Defender for Endpoint, Defender for Business includes features such as
1.Threat and Vulnerability Management: Provides real-time insights and management of software vulnerabilities.
2.Attack Surface Reduction: Secures vulnerable points in your organization against cyberthreats.
3.Next Generation Protection: Strengthens the security perimeter of your network.
4.Automated Investigation & Remediation: Streamlines alert management through automation.
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Hello,
You can find all the differences and limitations here: https://learn.microsoft.com/en-us/defender-business/mdb-faq#what-are-the-differences-between-defender-for-business-and-defender-for-endpoint-plans-1-and-2
Regards
David
Hi all
I've a client who has a number of Microsoft Business Premium licenses in play and I know there are some new benefits within the included features / security scope etc.
They are under the impression that Windows Defender can be deployed to the associated endpoints via MDM / Intune because the licenses are Business Premium.
However, I'm banging my head against a wall to try find out how exactly this is done. I can see Microsoft Defender for Endpoint but that requires a sub specifically to that or likely E3/E5.
So really my query is, Is Defender included as a deployable element to devices with Business Premium or is it only the defender for Office 365, along with some defender configuration capabilities (for example I have been able to create a policy to assign to specific groups etc)
https://docs.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-business-service-description
This link, on the notes section at the bottom, suggest bus prem utilises the on board defender. 10. With Microsoft 365 Business Premium you not only get Microsoft Defender security features that come enabled in Windows Pro, you also get access to premium features like network protection for web-based threats and host intrusion prevention rules to mitigate ransomware. When you set up your Microsoft 365 Business Premium account, you select app protection, and device configuration settings. These settings determine the policies that are applied automatically to devices when they join Azure Active Directory.