ESET Protect vs. Microsoft Defender for Endpoint (2024)


Recently I had a chance to work for a customer who has been using ESET PROTECT antivirus. The customer, however, plans to move away from the current antivirus solution and gradually onboard all devices into Microsoft Defender for Endpoint [MDE]. Before this can happen, the existing ESET settings and configuration must be reviewed and compared against the target solution, to ensure that rules, conditions, and exceptions can be put in place in MDE, and that MDE can take over the functionality. The exercise focuses on the ESET PROTECT configuration currently in place, not on all the features available.

Although both products support multiple platforms, including Windows, macOS, Linux, iOS and Android, this article focuses on the features available on Windows. Capabilities on non-Windows platforms may differ.

Let’s start with Microsoft Defender for Endpoint first.

Microsoft Defender for Endpoint is part of the Microsoft 365 Defender suite of products. A small peek at the suite components is shown in the picture.


Defender for Servers is a separate product dedicated to Windows or Linux servers, hosted on Microsoft Azure, Amazon Web Services [AWS], Google Cloud Platform [GCP], or on-premises.

MDE comes with two licensing plans, which contain the following features [the list is not complete]:

  • Plan 1 contains core capabilities such as next-generation protection against threats, malware or ransomware, attack surface reduction [ASR], firewall & network protection, and a unified management web portal.
  • Plan 2 builds on top of Plan 1 and adds the full set of capabilities, including Endpoint Detection and Response [EDR], automated investigation and remediation, threat and vulnerability management, and more.
    Plan 2 also offers “Microsoft Defender Vulnerability Management” as an add-on, which further extends the offered features.

ESET PROTECT is a suite of products which offers multiple capabilities.

  • Modern endpoint protection [web browser safeguard, network attack protection, sandbox, ransomware shield, exploit protection, UEFI scanner and more],
  • Full disk encryption [system disks, partitions, entire drives encryption],
  • Advanced threat defense [zero-day threat detection, mail security, proactive protection and more],
  • Detection and response (XDR) [threat hunting, anomaly and behavior detection, company policy violation, root cause analysis, blocking zero-day threats, and more],
  • Vulnerability and patch management [with automated or manual patching of supported app inventory],
  • Cloud App Protection [Microsoft 365 and Google Workspace application protection against malware, spam, phishing attacks],
  • Mail Security [offers functionalities like anti-spam, anti-phishing, anti-malware and more],
  • Multi-Factor Authentication (MFA) [protection against weak passwords and unauthorized access],
  • Managed Detection & Response (MDR) [24/7 threat management service designed to provide sophisticated protection, with AI-powered threat detection and response].

Before comparing the two platforms, let’s quickly go through the initial steps required to onboard a device into Microsoft Defender. These steps allow devices to register in the portal and to receive policies [for detailed steps on MDE configuration, onboarding devices, setting up roles & permissions, licenses, etc., please refer to the official Microsoft documentation].

To onboard a device, navigate to Microsoft Defender portal -> Settings -> Endpoints -> Device Management -> Onboarding. The onboarding process is well described on the portal page and in the online documentation, and is additionally covered by Microsoft video material. It basically comes down to selecting a supported operating system and deployment method, then downloading the package and deploying it to the target group of devices. Further down the page there is also a detection script that can be run on a device after the onboarding package has been deployed, to verify that the device is properly onboarded and reports to the service.
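As a local complement to the portal's detection script, the added example below (not part of the original article or of Microsoft's onboarding package) reads the onboarding state and sensor health on one Windows device. The function name `Get-MdeOnboardingStatus` is hypothetical; the registry key, the `Sense` and `DiagTrack` services and `Get-MpComputerStatus` are the standard Windows components.

```powershell
# Added example: local onboarding health check for one Windows device.
# Run in an elevated PowerShell session after deploying the onboarding package.
function Get-MdeOnboardingStatus {   # hypothetical helper name
    $statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'

    # OnboardingState = 1 means the onboarding package was applied successfully.
    $state = (Get-ItemProperty -Path $statusKey -Name OnboardingState `
                  -ErrorAction SilentlyContinue).OnboardingState

    # 'Sense' is the MDE sensor service; 'DiagTrack' transports its telemetry.
    $sense = Get-Service -Name Sense     -ErrorAction SilentlyContinue
    $diag  = Get-Service -Name DiagTrack -ErrorAction SilentlyContinue

    # AMRunningMode shows whether Defender Antivirus is active or passive
    # (passive is expected while another antivirus product is still installed).
    $av = Get-MpComputerStatus -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        Onboarded          = ($state -eq 1)
        SenseService       = if ($sense) { "$($sense.Status)" } else { 'NotInstalled' }
        DiagTrackService   = if ($diag)  { "$($diag.Status)" }  else { 'NotInstalled' }
        AMRunningMode      = if ($av) { $av.AMRunningMode } else { 'Unknown' }
        RealTimeProtection = if ($av) { $av.RealTimeProtectionEnabled } else { $null }
        SignatureAgeDays   = if ($av) { $av.AntivirusSignatureAge } else { $null }
    }
}

$result = Get-MdeOnboardingStatus
$result | Format-List

# Flag the two conditions that stop a device from reporting to the service.
if (-not $result.Onboarded) {
    Write-Warning 'OnboardingState is not 1: the onboarding package has not been applied.'
}
if ($result.SenseService -ne 'Running') {
    Write-Warning "Sense service state is '$($result.SenseService)': the sensor is not reporting."
}
```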


To onboard the devices into Intune, go to Microsoft Defender portal -> Settings -> Endpoints -> Advanced Features and select “Microsoft Intune connection”.


Secondly, the Defender for Endpoint connection needs to be turned on in the Intune portal. Navigate to Intune -> Endpoint security -> Microsoft Defender for Endpoint and select “Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations”.


It is also worth mentioning the MDE Client Analyzer tool, which Microsoft provides for download. The tool runs a series of tests against the device and presents a detailed report at the end.


Before applying the desired settings on target computers, consider setting the policies to audit mode first. In the example below, Attack Surface Reduction (ASR) is set to audit mode: the settings are not enforced on the device, only recorded in the Event Viewer.


ESET Protect

The same set of policies can be deployed using on-premises Group Policy Objects, under Computer Configuration / Windows Components / Windows Defender Antivirus / Windows Defender Exploit Guard / Attack Surface Reduction. For more information on ASR, please refer to the official Microsoft documentation.
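To see what audit mode actually records, the added example below (not from the original article) lists the ASR rule state in effect on a device, whether delivered by Intune or GPO, and summarises the audit and block events from the Event Viewer log. The two rule GUIDs are documented ASR rules chosen for illustration, and the EventData field names are an assumption to confirm on your Windows build.

```powershell
# Added example: review ASR state and audit hits before enforcing rules.
# Run in an elevated PowerShell session on a device that received the policy.

# GUID -> name for two documented ASR rules; extend with the rules you deploy.
$ruleNames = @{
    'd4f940ab-401b-4efc-aadc-ad5f3c50688a' = 'Block all Office applications from creating child processes'
    '9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2' = 'Block credential stealing from lsass.exe'
}
$actionNames = @{ 0 = 'Off'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }

# 1. Effective rule state on this device (ids and actions are parallel arrays).
$pref    = Get-MpPreference
$ids     = @($pref.AttackSurfaceReductionRules_Ids | Where-Object { $_ })
$actions = @($pref.AttackSurfaceReductionRules_Actions)
$state = for ($i = 0; $i -lt $ids.Count; $i++) {
    [pscustomobject]@{
        RuleId = $ids[$i]
        Rule   = $ruleNames[$ids[$i].ToLower()]
        Action = $actionNames[[int]$actions[$i]]
    }
}
$state | Format-Table -AutoSize

# 2. ASR events from the last 7 days: 1122 = audited, 1121 = blocked.
$filter = @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 1121, 1122
    StartTime = (Get-Date).AddDays(-7)
}
$hits = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
    $evt  = $_
    $data = @{}
    # Field names 'ID', 'Path' and 'Process Name' are assumed from the event XML;
    # confirm them against one event's ToXml() output.
    foreach ($d in ([xml]$evt.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
    [pscustomobject]@{
        Mode    = if ($evt.Id -eq 1122) { 'Audit' } else { 'Block' }
        RuleId  = $data['ID']
        Process = $data['Process Name']
        Target  = $data['Path']
    }
}

# 3. Each row is a rule/process pair to review (exclusion or fix) before
#    the rule moves from Audit to Block.
$hits | Group-Object Mode, RuleId, Process | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize
```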

With the onboarding process briefly described, the next step focuses on comparing the current ESET PROTECT configuration with the equivalent Microsoft Defender for Endpoint settings.

The ESET PROTECT management console is web-based. After signing in, navigate to Policies and select the policy that configures settings for managed Windows endpoints, in this case “ESET Windows security”.


The policies are grouped into five sections.

  • “Detection Engine”, guards against malicious system attacks.
  • “Update” covers configuration related to module and product updates on endpoints.
  • “Protections” contains settings with actions against potentially unwanted and unsafe applications.
  • “Connectivity” contains proxy settings.
  • “User interface” sets the password so that users cannot change the settings.

Now let’s take a closer look at the current configuration in the ESET PROTECT portal and attempt to locate the same [where available] or a similar setting in the Microsoft Defender portal. The exercise is presented below in a table, with ESET on the left, MDE in the middle, and a comment on the right. Each ESET configuration setting and its Microsoft ‘equivalent’ is listed with its location/path in the console.


Summary

So, having compared both products with emphasis on the current ESET PROTECT configuration in the customer’s environment, and having checked it against the settings which will take over the functionality on the MDE side, I could conclude that the migration can go ahead. Configuring MDE may require a bit more effort, as the configuration is divided into designated profiles which have to be configured separately. In the end, however, the result is that the policies apply, the device is protected, and devices which are protected by MDE report no issues.


There are, of course, many more settings available on both platforms, should we want to compare them all. However, in this case, the setup on the ESET side was not that sophisticated, hence the effort to migrate the settings and apply additional ones following Microsoft’s best practices was not that challenging 😊

Article information

Author: Tyson Zemlak
