Windows 7, Windows 8.1 To Get Windows Defender ATP Service
Windows 7 and Windows 8.1 clients will soon be able to take advantage of Windows Defender Advanced Threat Protection (ATP), a post-breach detection service originally associated with Windows 10 clients.
In an announcement this week, Microsoft indicated that the service will be available as a public preview this spring. It'll be available more broadly starting sometime "this summer," which perhaps means it'll be available for production use then.
Windows Defender ATP was unveiled almost two years ago. It uses machine learning and Microsoft security expertise to detect threats in computing environments. Microsoft later indicated it was adding autoremediation capabilities to this service through its integration of Hexadite technology, so the service is also designed to automatically fix security problems.
Late last year, Microsoft suggested that Windows Defender ATP could protect Windows Server 2012 R2 and Windows Server 2016 machines, too, and its security was also extended to Linux devices, including Android, iOS and macOS machines, via partnerships with software security providers Bitdefender, Lookout and Ziften.
Now, Microsoft is offering Windows Defender ATP support to older Windows clients, even though Windows 7 will fall out of "extended support" about two years from now on Jan. 14, 2020. The use of Windows Defender ATP requires having Microsoft 365 E5 licensing, according to this Microsoft 365 Enterprise document.
Microsoft's announcement described Windows Defender ATP as a "behavioral based EDR [Endpoint Detection and Response] solution," perhaps reflecting the integration of Hexadite's autoremediation technologies. IT pros use the Windows Defender Security Center to view its detection information.
Organizations can use their own client security solutions with Windows Defender ATP, although Microsoft's announcement suggested that it works better when used with either Windows Defender Antivirus for Windows 10 or System Center Endpoint Protection for "down-level" Windows operating systems (namely, Windows 7 and Windows 8.1).
"With Windows Defender Antivirus, security teams can see all malware detections and trigger response actions to prevent the spread of malware, in the same console," Microsoft's announcement explained. Microsoft seems to be suggesting that there are console advantages to using Microsoft's anti-malware solutions with Windows Defender ATP, but it's not exactly clear why that would be the case.
Microsoft also announced on Monday that it added a new Windows Defender ATP partner, SentinelOne, adding its Endpoint Protection Platform solution.
The SentinelOne Endpoint Protection Platform provides "static and behavioral AI engines to provide multilayered prevention, detection, and response as well as encrypted traffic inspection using one autonomous agent," according to Microsoft's announcement. The machine learning-based SentinelOne service provides information from Linux and Mac devices into the Windows Defender ATP console, according to an announcement by SentinelOne, and it also has autoremediation capabilities on top of its threat-detection abilities. The integrated SentinelOne solution is currently available at the "beta access" stage.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.