Re: ATP vs. just Defender in lab/clinic environments

[Curt Kappenman <ckappenman () ANDERSONUNIVERSITY EDU>]

I would love to be involved in a conversation about A3, A5, P2.
Curt

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Blake Brown
Sent: Thursday, January 14, 2021 1:55 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] ATP vs. just Defender in lab/clinic environments

A5/E5 general conversation would be most helpful. We are A3 and looking at the A5 Security Add On.

Thanks,
Blake


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of John Ramsey <000001cd0b5a1098-dmarc-request () LISTSERV EDUCAUSE 
EDU<mailto:000001cd0b5a1098-dmarc-request () LISTSERV EDUCAUSE EDU>>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>>
Date: Thursday, January 14, 2021 at 10:53 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] ATP vs. just Defender in lab/clinic environments

External Email
We are using E5 extensively and pretty much leveraging everything.  Am happy to have a conversation on this.  Also, if 
there are a few interested in A5/E5, maybe a broader conversation is warranted as well.

John Ramsey, Chief Information Security Officer
National Student Clearinghouse
Certified: CISSP, CISM, PMP, CSSLP, CRISC, CGEIT
2300 Dulles Station Blvd., Suite 220
Herndon, VA 20171
703.742.4428 | studentclearinghouse.org<http://www.studentclearinghouse.org>
LinkedIn<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fnational-student-clearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590166954&sdata=MdT45I1n7Hwbp8Zlkxlm0wEd0LdLnq5Cpr91ybCEjHw%3D&reserved=0>
 | 
Twitter<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fnsclearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590171933&sdata=idMHM8D4VdMRpIa2H1YUTmwMgC4ZU0L2jqL3VjVNs4s%3D&reserved=0>
 | 
Facebook<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.com%2FNSClearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590176915&sdata=ILW%2BPdv1fgHooOkbQlkP9ei%2BJOsk7YlCMzYNU572flU%3D&reserved=0>
 | Blog<https://www.studentclearinghouse.org/nscblog/> | Instagram<https://www.instagram.com/NSClearinghouse/>

Serving Education Since 1993

This message is proprietary to the National Student Clearinghouse, is intended only for the addressee and may contain 
confidential or privileged information. If you receive this message in error, please contact the sender and delete all 
copies.

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Catherine Ullman
Sent: Thursday, January 14, 2021 12:08 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] ATP vs. just Defender in lab/clinic environments

Hi Folks!


We, at the University at Buffalo, have recently moved to a Microsoft A5 license and are currently working on rolling 
out many of the new features.  Currently we are planning our Windows Defender for Endpoint (Advanced Threat Protection) 
rollout and have some decisions to make which we were hoping to hear how others implemented this.  We have a few 
different shared computing paradigms in which we are trying to decide if licensing the machine for Defender for 
Endpoint is appropriate or if using just the embedded windows defender from the operating system is adequate.  Some of 
these systems are as follows:



Campus Public Labs:

These are VDI machines that are used by students.  The machines are provisioned on demand and destroyed upon logout.



Department Labs:

These are bare metal machines shared by students located in a shared space within a specific school.



Campus Clinics:

These are VDI/Citrix desktops that are used by students, like labs they are provisioned on demand and destroyed upon 
logout, but process more sensitive information than the labs.



Any thoughts or lessons learned from your implementation would be greatly appreciated.  Thanks in advance!



Best,

Cathy



Dr. Catherine J Ullman
Senior Information Security Forensic Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>





**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community