Microsoft ATA [EOL] was previously known as Microsoft Advanced Threat Analytics, MS ATA [EOL].
| Author info | Rating | Review Summary |
|---|---|---|
| President and CEO at a tech services company with 11-50 employees | 4.0 | I use Microsoft ATA for robust domain controller and DNS checks, valuing its ability to detect obscure attacks. Though stable, its upkeep can be cumbersome, and it occasionally generates false positives, but setup is manageable with good planning. |
| Director Cyber Security at a tech services company with 5,001-10,000 employees | 2.5 | As a consultant, I find this Microsoft solution stable and effective when integrated with other Microsoft products. However, it lacks the granularity and advanced features of competitors, often conflicting with custom rules. I rate it five out of ten. |
| Security Officer at a tech services company with 1-10 employees | 4.0 | I use this for network security, valuing its questionable activity reporting and its help in reducing threat detection time and increasing productivity. While stable and scalable, some newer features need improvement, but I recommend it despite a complex initial setup. |
The solution does all my checks and handles all my domain controllers, and DNS, and integrates with the teams well. Basically, I get to forward some of the notes that ATA generates to my team so I can see them all in a single tool.
I like the fact that it looks for some of those very, very obscure techniques and attacks like golden tickets. Those are kind of very, very difficult attacks to spot. Not all of the teams that I worked with in the past had the ability to do that. With Microsoft ATA I was able to have visibility over those kinds of techniques and attacks.
I would say sometimes it gets a little bit cumbersome to upkeep. Sometimes it's heavy to upkeep, however, that's about it in terms of my feedback of any weaknesses. I don't have any major complaints.
There are occasions where it generates some false positives and you have to embark into figuring it out. You need to find out if it was a true alert or a false positive. It's a little bit cumbersome in that area.
I would like more integration with Microsoft, and security solutions better.
I've been using the solution for a couple of years.
The stability of the solution is very good.
Scalability shouldn't be a problem, at least for the size of network team that I work with.
Right now we have between 400 and 500 users. This is deployed in a network that is actually about 500 users.
We don't plan to increase usage. We're already using it as fully as we can and we don't have any more room. We might look at all the Microsoft programs that relate to Office 365, like the ATP, because there is a difference between the ATA and the ATP. We are going to look and see whether there are any gaps that we can close. I think if you compare ATA with the actual ATP it's basically the same functionality. One is more on-premises versus the cloud. Since we are progressively moving to the cloud, we might look at the ATP, which integrates better with the Microsoft cloud.
They do have good support. I don't think I have a problem with it at all. We have been able to work out any issues fairly quickly. Again, they have good documentation and there's a lot of how-tos. It's being used by a lot of organizations, so there is a lot of information already in the system that you can research.
I wouldn't say the initial setup was straightforward, but it was well documented. Microsoft has good documentation. If you follow it, you have a good chance of succeeding. If you deviate from it, you have good chances of never getting there.
Basically we had a planning phase. We laid it all out including how we were going to architect it, and then we deployed the gateway. It was a phased approach. We deployed the ATA lightweight gateway and each domain controller and did the port mirroring and all that.
It took us, I think, from the planning phase, about three to five days going back and forth. The deployment phase that followed was maybe another three days. After that it was just tweaking, to make sure that we got the fine-tuning down.
We had two architects, two engineers, and then the help desk personnel, which maintains the solution. We used a network architect. We had a systems engineer and then we had the server techs. In total, at any given time, there were about four or five people helping.
I believe we are looking into new licenses. They may be called the E5. Honestly, I don't have it on top of my mind, but I think it's around seven to $10 a user per month.
My sister company is a Microsoft solution provider.
I'm unsure of the version of the solution we are using. It might be the most current. What I remember is we were discussing updates recently and the ATA version we were using then was 1.9.
My advice to other users is to spend a good deal of time planning. It pays off at the end. Brainstorm and come up with different scenarios. Write a plan and then write up a backup plan, so if you go into the deployment phase and you run into an issue, and you don't know how to resolve it, you have an exit plan. That way you can go back to the drawing board.
I'd rate the solution eight out of ten.
The solution is primarily used by my clients in order to combine security software.
The solution works well when used with other Microsoft solutions.
It's rather easy to define your rules.
The software is not as advanced as many competitors. It doesn't offer the level of granularity that other software might.
It would be ideal if the interface allowed for more granular configurations. For example, if I were to set a rule that is a deviation from the pre-defined rules in the Microsoft product, there's conflict.
The solution may not integrate well with solutions that aren't in the Microsoft family.
I've been using the solution for about a year and a half so far.
The stability of the solution is good. I haven't seen any bugs or glitches. I haven't found it unstable.
I don't have enough experience with scalability to be able to speak about it.
Right now, we have close to 5,000 users on the solution with one of our clients.
I've never been in touch with technical support so I can't speak to how good or reliable they are.
The initial setup of the solution is pretty straightforward. I don't think it's very complex, but I wouldn't call the implementation simple. If a person has knowledge of the solution, they shouldn't face any issues.
Some deployments take three months or more. Other deployments take less than a month. It depends on the complexity of the client's environment.
We're an official Microsoft partner.
I'm not a user of the product myself. I'm a consultant.
I don't always recommend the product. It's one of the many products we work with. Usually, there's an evaluation procedure and we make a recommendation to clients as to which solution would be best to use. If ATA makes sense for the client's project we recommend it. Most clients we recommend the solution to are already using other Microsoft products. A native solution always makes sense.
I would recommend the solution, but it would depend on the company's cybersecurity design.
I'd rate the solution five out of ten.
Our primary use case is network security.
It's given us a better, more real-time ability to be aware of employee situations that could be fraudulent.
It has also measurably decreased our mean time to detect threats by about 50 percent, and helped increase staff productivity, saving about an hour per day.
One of the most valuable features is the ability to report on questionable activity.
I would like to see continuous improvement in upcoming releases.
In terms of room for improvement, some of the newer features are not completely there yet. I have confidence that they will get there but there's still room for improvement. For example, there's a tool that allows you to grade your overall internal security and I don't feel that it's completely accurate.
It's a stable solution.
It's very scalable.
Technical support is good.
We didn't have a previous solution.
The initial setup was complex. Without someone implementing it for us, we had to learn a lot of things on our own.
We have seen ROI although I can't quantify it. But based on the number of hours we've saved and potential situations that we have stopped from occurring, things that could have been a risk to the company, there's definitely an ROI.
This product was really the key one that we looked at based on the direction that our company is taking and the number of products from this vendor that we utilize.
I would recommend this solution, even though it does have room for growth. I have confidence in the company.
Regarding the maturity of our security program, there is always room for improvement. We're in a good place and this product has certainly helped us to get to a better place. We're certainly not all the way there yet.