Hey everyone - We’ve just brought Managed Windows Defender live! This lets you manage scan schedules, set Windows Defender Policies, bulk scan, and more, directly inside of Syncro. This is priced at $0.75 per endpoint.
The link at the bottom of that article inviting questions goes to an article called “About the Syncro Mobile App” instead of “questions about Syncro Managed Microsoft Defender deployment”.
Thanks. The question I have is, how easy is it to control what Defender alerts are ignored, and which are turned into tickets or alerts or something relevant? I deal with a lot of noise coming out of Defender logs.
(Attachment logo_ec77c740-fc81-4d02-b2cb-44c017bf97ca.bmp is missing)
So it’s more or less the same as it is with any RMM alert. They flow into our Automated Remediation system, and then you can determine what you want to action based on the type of alert and the body.
We’re already using Malwarebytes and Webroot so I’m wondering if MS Defender is needed and if it can offer additional security, can it run along with these other programs?
There is only this mentioned: “If Microsoft Defender Antivirus was manually deactivated on the endpoint previously, then you must reactivate Defender in Windows to activate Syncro’s managed integration. If Microsoft Defender Antivirus was automatically disabled by another antivirus at install, it should automatically reactivate when the other antivirus is removed.”
With the other programs, MS Defender would be deactivated normally. Does that mean that the other program have to deactivated for MS Defender to be active?
Is there more info on this situation we can read up on?
It’s not needed, then. Defender would effectively be an alternative to what you are using today. I know most AV products will disable Defender upon install because they may often conflict or cause resource issues when running in tandem. I don’t believe Defender attempts to remove other AV products, though. But I am not 100% sure on that.
Bottom line is if Webroot is working for you there is no reason to switch to anything else.
This is a little puzzling; this service is free from Microsoft.
The only added value is the integration with Syncro (notifications); you can set periodic scans from the app.
Are we paying $ 1 CAD for the integration?
I understand selling a robust AV for the client, but to pay for something he already got for free?
What am I missing?
Thanks for the quick reply Andy. This option will be good for those that don’t want to pay extra for other security packages or already use Defender with an MS365 license. I’ve been watching MS Defender over the years and it has been improving.
I’ve been requesting this for years. I just want to be able to manage MAV regardless of which it is. This allows for centralized Scheduling, Exclusions, Enabling various modules, Alerts, Remediation, etc.It’s worth it for me just for the convenience.
Suggestion: Include managing Windows Firewall. To start with enabling and disabling each of the 3 profiles. Then work toward the ability to add/enable/disable rules.