- ProductsDRAGON ENTERPRISEComodo introduced a new approach to endpoint protection, engineered to solve the issue of legacy security solutions.PLATFORM PRODUCTS
-
Impenetrable cybersecurity without sacrificing usability
-
Gain detailed visibility into all your endpoints activities
-
Reduce the attack surface to remediate and patch
-
Fortify mobile devices that exit and enter your network
-
Keep endpoints safe from known threat signatures
-
Setup device network and security policies quickly
-
Defend from any internet based threats
-
Stop email threats before it enters your inbox
TECHNOLOGY & PROCESS-
Patented to ensure absolute isolation from threats
-
Insights from deep web and dark web to eliminate risk
-
Our pioneered approach has shifted the industry
-
100% trust an all files at lightning speeds
-
- ServicesWORLDWIDE SERVICESNo one can stop zero-day malware from entering your network, but Comodo can prevent it from causing any damage. Zero Trust. Zero Breaches. Zero damage.THREAT SERVICES
-
Retain experts to investigate an incident to start remediation
-
Our experts closely monitor changes to your environment 24x7x365
-
Cybersecurity experts will continuously hunt suspicious endpoint activity
SUPPORT, DEPLOY, MAINTAIN-
Ensure your installations are properly deployed
-
Trouble with maintaining your products? Get help now
-
Align your success with optimal security performance
-
- Free Tools
- Partners
- ResourcesRESOURCE DISCOVERYComodo introduced a new approach to add managed cybersecurity and endpoint protection to your customers benefit, right into your existing programs.KNOWLEDGE BASETHREAT LABSCOMPARE THE COMPETITON
- Company
Introduction to Windows Defender Endpoint Protection
Windows Defender Endpoint Protection has grown its reach over the past few years. Aside from Windows and Windows Server, it is now available in macOS, iOS, Android, and Linux server distributions as well.
However, feature availability varies per operating system. The same goes for the tools that deploy it and provide ongoing management. Read on to know more details about Windows Defender Endpoint Protection and what it can do for your organization. You’ll learn about licensing, the different features you can leverage, and a general strategy for onboarding tools.
Licensing
Comodo
- Windows 10 Enterprise E5
- Microsoft 365 E5
- Microsoft 365 E5 Security add-on

OS Tech Support and Feature Accessibility
Onboarding is the process of enrolling a device in Windows Defender Endpoint Protection. When a device is deployed, telemetry is collected, threats discovered by the EDR system can be remediated, and additional features like Live Response can be used on supported systems.
Things get a little complex after this point, although not always obvious. Onboarding processes may differ depending on your OS, endpoint detection and response tool (EDR), and the features available.
Let’s start with Windows. On the client-side, only Pro and Enterprise plans are available. You can install Windows 7 SP1 or Windows 8.1 on top of Windows 10 (with Azure Virtual Desktop). Windows 10 is supported from version 1607, but you can upgrade to version 1803+ since that’s when the best features really start to open up.
Long Term Servicing Channel (LTSC) versions 2008 R2 SP1, 2012 R2, 2016, and 2019 are supported by Windows Server. You’ll need at least version 1803 if you’re utilizing Semi-Annual Channel (SAC).
This is what Windows supports, but take note that they aren’t created equal. This is because different components required by MDE have been built into the OS over time.
Windows Defender Endpoint Protection is made up of two core elements. First is the endpoint protection platform or engine, which can scan files, eliminate them, adopt policies, among others.
The second one is the endpoint detection and response. This sends all of the endpoint’s telemetry and information to the cloud service, where it can be utilized to fuel investigations, mitigate incidents, detect threats that go beyond signatures and into behavior patterns, and populate databases for deeper scanning.
Onboarding and Deployment Paths
While you cannot install Windows Defender Endpoint Protection from the Microsoft 365 security portal, you can still use a settings page that gives clear instructions on how to proceed based on the tools in your resources, such as Microsoft mobile device management (MDM) or orchestration.
All platforms supported by Windows Defender also assist in manual deployments, whether it be running a script or installing an app. For devices completely enrolled in Intune, you can use that as your deployment tool. Meanwhile, if you only utilize mobile application management on Android and iOS, customers can manually install the app from the store.
Dealing with your Existing Endpoint Protection
Project management requires you to put in a lot of effort into planning the deployment of tools. By knowing the platforms supported and their feature level, you can determine which you’re going to onboard and what are the necessary tools to do so.
Consider who needs access to those tools and how they can obtain it to complete the migration. Fundamentals, like network connectivity to Microsoft cloud services, are put to the test.
Take into account the devices and people in your test group. This migration should not be done in a one-time big-time fashion. Most businesses begin with their IT department and then spread it from there, from department to department or one place to another.
Adding devices to the service is only the beginning. Endpoint security settings must be set up, while key service-side settings and functionalities must be understood and managed.
Monitor and secure your environment effectively with Comodo! Contact us now to enhance your defenses!