Great Video.. Have a few questions. Could you please help understand.. 1. Is it possible to scope Microsoft defender for endpoint to a subset of users rather than tenant wide? 2. Is it possible to scope Microsoft defender for O365 to a subset of users rather than tenant wide? 3. If we limit the licenses to a certain subset of users rather than tenant wide for above services ( if they are possible) , what impact would that have on services like Defender for Identity and Entra ID identity protection ? 4. What is your recommendation in terms of E5 licenses for users who don’t have a mailbox and don’t have endpoint devices , say they don’t have a laptop and mailbox attached to user, but only use SSL VPN to access company apps?
Hey, for 1 and 2 you can check here: learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance. By default you're not able to limit the DEfender for O365 , but you might be able to do this for Safe Links and Safe Attachments. Defender for Endpoint as I can see you can limit to only the users that you require this for. In regards to 3: if you limit the products, they will not benefit from the services of course, the Identity and Access Management products would still function correctly for their functionality, you just won't have coverage for the products you decided to limit. As far as 4: not sure I understand correctly but if you are assigning E5 licenses to a user that doesnt have a laptop or isnt a white collar employee, you'd be better off looking into F1/F3 licenses with additional F5 security add-ons.
Great Video.. Have a few questions. Could you please help understand..
1. Is it possible to scope Microsoft defender for endpoint to a subset of users rather than tenant wide?
2. Is it possible to scope Microsoft defender for O365 to a subset of users rather than tenant wide?
3. If we limit the licenses to a certain subset of users rather than tenant wide for above services ( if they are possible) , what impact would that have on services like Defender for Identity and Entra ID identity protection ?
4. What is your recommendation in terms of E5 licenses for users who don’t have a mailbox and don’t have endpoint devices , say they don’t have a laptop and mailbox attached to user, but only use SSL VPN to access company apps?
Hey, for 1 and 2 you can check here: learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance. By default you're not able to limit the DEfender for O365 , but you might be able to do this for Safe Links and Safe Attachments. Defender for Endpoint as I can see you can limit to only the users that you require this for. In regards to 3: if you limit the products, they will not benefit from the services of course, the Identity and Access Management products would still function correctly for their functionality, you just won't have coverage for the products you decided to limit. As far as 4: not sure I understand correctly but if you are assigning E5 licenses to a user that doesnt have a laptop or isnt a white collar employee, you'd be better off looking into F1/F3 licenses with additional F5 security add-ons.