Microsoft Defender for Endpoint Reviews

We use this as our antivirus solution.

Within its class I think, it has a high and decent detection rate.

There were a few detections that are not picked up, and then Microsoft picks up on that and they update it. That's just a normal thing you go through based on every antivirus solution. You're always going to have viruses and signatures that are coming out.

So, I wouldn't say it's the perfect solution because if you're looking at next-generation behavioral based things, for example, if you're going to use ATP, that's when you can get more methods out of it. With Defender, if you pay more you can get the ATP component, which is sold separately by Microsoft.

We do have some challenges in the reporting aspect of it. 

There's a lot of manual effort involved to configure what we need.

There are also a few issues with policies.

I've been using this solution for six months.

Defender by itself is not a solution. Defender is basically a functionality.

We have some issues with reporting, but I think it's just the way we've integrated right now, again not using ATP. So, we just use STC MS management. Then it's limited in terms of reporting.

From an operator's perspective, I think there are some policy detection issues where you've got a detection for a signature but how it translates into the FCCM dashboard where it doesn't really categorize that particular model. It picks something up as bad but it's just unknown.

So, I think that's a known issue with this particular thing. Because it doesn't know what it is classified as it doesn't really do anything. For it to do something, the policy has to recognize the category of that number. It could be a trojan horse or whatever it is, but it doesn't really do that. It could be what they call an autonomous detection where the system categorizes it as not recognized and hence it blocks it, but it's not going to let you delete it instantly. Usually, you can say if it's detected you want to block it, that's the first step. The second step is to be able to delete the file or quarantine the file. But it doesn't recognize that, so it doesn't know what it needs to do. Instead, it just blocks it. It only blocks it because it doesn't recognize it as being Malware.

I would rate this product a six out of ten.

Our primary use case for Windows Defender is to prevent malware and viruses. Security is the main purpose that it is used for by our organization.

We are no longer buying a separate antivirus with Windows 10 Server Enterprise. We are no longer buying antivirus solutions where there is no compatibility with Windows 10.

The malware features are most valuable for us because if you have an application that attacks, it is defended. It gives you a prompt and doesn't allow you to launch that app. 

If there's an application that has suspicious malware you downloaded from the internet, it gives you a prompt to prevent the application from launching.

Microsoft Windows Defender moves it to the recycle bin automatically.

Microsoft Windows Defender doesn't have a game mode. Other antivirus software (like BitDefender) have something known as a game mode. 

If you want to play a game, just enable the game mode to allow certain traffic without needing to configure it. Windows Defender doesn't have that.

There's no Windows Server edition for Windows Defender as part of the distribution.

Personally it has been about a year and a half, but in the office are we using it seven months.

In my experience, Microsoft Windows Defender has never caused any issues in operation. It is very stable. It doesn't affect the system.

Since it's a Microsoft product, scalability is top-notch. This shouldn't be an issue.

I have never had a problem with technical support. I didn't use it. I have never had any performance issues with it.

We used Bitdefender, McAfee, and Norton antivirus software previously. Those are the main experiences that we have. We used all of those at various times.

Microsoft Windows Defender installs automatically. There's no setup procedure. When you install Windows Suite or Enterprise on your machine, it installs quickly. 

There's nothing that might disturb it being activated. It installs with the operating system.

It's free because it comes with Windows. It's a free solution. We're not paying any license.

That's why it's better than Bitdefender, McAfee, or Norton. It's free.

For Windows Defender, there's no server edition for it. It's free. There is no additional cost. It's part of Windows, i.e. if you have issues with compatibility using other products. 

If you paid for Windows, it already comes with Windows Pro and Windows Enterprise automatically. It's better to go with it than pay the additional expense of deploying other solutions.

On a scale from 1 to 10, I would rate this product a nine. It doesn't have all the features that it needs to be perfect.

Our primary use case centers around blocking viruses on my personal laptop.

I'm working as a private contractor. In this regard, you can say this tool ensures I'm working with a product that gets updated regularly without me having to remember to do it. Since it's a Microsoft product, I'm confident that it requires a low use of system resources. The benefit of that being that my computer isn't constantly being drained.

One of the most valuable features of this product is the ability to "set it and forget it." I don't go in and make any changes to the settings. Another value add is the size of the user base, which is fairly large because it's a free MS product. I would imagine that it would be quite competitive since a blacklisting solution such as this is only as good as the threat intelligence it receives. I'm pretty sure that if the tool discovers something foreign and malicious it will upload that information back to Microsoft. The value of the tool is inherent within the size of the user base, which is fairly large because it's a free product by a trusted company.

I'm sure the premium product has extra features, like listing questionable websites. Defender is just an antivirus product. It would be nice to have a paid upgrade that would provide additional screening of the day-to-day activities.

Three to five years.

I haven't had any noticeable issues with it. It's quite stable.

It's very easy to set up. With admin rights, it really is very straightforward. All you need to do is install the tool and then download the definitions. 

Deployment was just basically downloading from Microsoft. It was very straightforward.

I'm currently evaluating the performance of Defender against third-party antivirus software products to see if I should continue with third-party products or just use Windows Defender.

My additional advice would be to create a test user group, deploy the software to those test users and then monitor those users as part of a log management operations center and run comparisons over several months. Comparing those users, against other users perhaps using a third-party product, like Symantec, would allow for calculation of performance and progress metrics. Based on that, a decision can be made as to whether to deploy the software across the organization or not.

I'd give this tool a rating of 8 out of 10. It's got good detection rates, low on system resources, doesn't interfere or hamper workflows, and it's easy to use.

Defender is an antivirus program available at a lower price than other products, like Symantec, McAfee, etc. Recently, Defender has now been integrated with Kaspersky Labs. There are two variants available for this product, Home basic edition and Pro. It has features that all other antivirus programs have like anti-spam, URL syntax checking, Firewall, Anti-spyware, etc. Defender has one surprise feature though called Secret Surf, which leaves no trail of your browsing history. There is feature, like free update of Anti-spyware database, that most other common Anti-virus programs don't provide.

The most problematic part of this program is the difficult customer service. Upgrading the software may cause a little bit of trouble. Your computer may lock down soon after your first reboot. There have also been some problems with the connectivity and with the internet, soon after the installation of the program. Trouble-shooting by Customer Support Engineer may take some time to figure out the problem and fix it. You may find your computer slowing down after installing the program.

Defender Pro or Home Basic antivirus provides some sort of security against the latest internet threats, but going for the reputed Anti-virus software like Symantec Endpoint, Quick Heal, etc. would be a wiser choice. The price of this program may be a bit lower, but safety of you and your computer is of greater importance.

In terms of the installation, ease of use, and user interface, Defender has been great so far.  

I think Microsoft needs to improve some of the security aspects of Defender. 
The email part, in particular, needs to be improved in terms of security effectiveness.

We started using Defender just this year. 

So far, we haven't had any issues, and we're using it for the server right now.

Installing Defender is straightforward. One person from our security team is enough to deploy and manage it. 

It's a yearly subscription.

I will rate Microsoft Defender eight out of 10 for now, but we need to evaluate it more, especially the virus detection, which still isn't proven. I think we need to evaluate it first. 
Yes. I wouldn't recommend it for end-users who already have a more capable antivirus solution. But if someone would like to try in a small environment, we can recommend Defender security.