During my time in the industry, I’ve had the opportunity to talk to many customers about their security posture, and the topic of antivirus providers typically comes up in conversation. Many customers express frustration with the state of endpoint protection in the security landscape today, and high-hype but low-return technologies being advertised as the end to malware.
Those of us who have been in the industry for more than a few years know that fear, uncertainty and doubt (FUD) just makes customers more frustrated. Adversaries are always adjusting their techniques, and the complexity and bulk of point-product endpoint protection architectures and agents have themselves become a source of customer dissatisfaction. It should come as no surprise that this is leading organizations to look at native operating system controls, such as Microsoft’s Defender antivirus solution, as a way to improve performance and reduce costs. This is where Tanium offers a big advantage.
Microsoft Defender and malware detection
When the topic of Microsoft Defender comes up, I see customers primarily fall into one of two camps: those that are aware of Defender’s recent improvements in its malware detection capabilities and those that are not. No endpoint protection solution is 100% effective against all threats. Organizations should certainly do their due diligence to determine which antivirus solution best fits their risk profile and needs. But the idea that Defender is not capable of keeping up with legacy antivirus vendors is no longer true, and with Tanium you have the option of making it even more effective. [1,2]
Manageability at scale
Microsoft supports multiple tools that provide management of its Defender antivirus solution [3], but customers often express frustration that these tools are difficult to use, do not scale well into large environments and, because they use Microsoft Group Policy (GPO) as their enforcement mechanism, do not provide assurance that the desired configurations are properly enforced. This is where Tanium Protect comes in.
Tanium Protect unleashes the full potential of native security controls, at scale, with the visibility, speed and control of Tanium. More specifically, Tanium enables security administrators to set and enforce Microsoft Defender’s configuration options, with a single console for managing exclusions globally or by any number of groups. Since the Defender configuration settings are delivered and set via the Tanium Client, machines that have broken GPO enforcement can be brought and kept under compliance via Tanium Protect. Tanium Protect also delivers Defender’s antivirus DAT update files directly to the client, eliminating the need for independent downloads.
Using Tanium’s native linear chain file-sharing capability means that no additional hardware is required in your environment to keep your antivirus agents up to date. Customers who switch to Tanium Protect and embrace Microsoft Defender can reduce hardware and license costs, such as unnecessary WSUS or third-party policy and update servers, while improving the organization’s security posture.
Third-party antivirus and extra features
Customers who still use third-party antivirus solutions may be reluctant to switch to a different product because they rely on additional protection features found in those products, such as host-based firewall and USB restriction policies. Tanium Protect can help here too, with features that allow for the management of Windows and Linux host-based firewalls, granular USB device restriction, configuration and management of AppLocker and BitLocker, and more.
The combination of Tanium Protect and Microsoft Defender allows security administrators to better secure their environment while reducing costs. With so much churn in the market for antivirus tools, it’s a great time to give this combination a look.
To learn more, reach out to your Tanium account manager.
About the Author: Hi, I’m Matthew Crowe! I’m Sr. Director, Technical Account Management at Tanium and I have spent over 25 years in IT. I consider myself fortunate to have experience across industrial controls PLC programming, IT Operations and finally IT Security, where I managed antivirus and anti-spam solutions, architected and ran consulting projects and worked as a pre-sales systems engineer.