Microsoft’s Windows Defender Advanced Threat Protection (ATP) service is now available for PCs running Windows 7 and Windows 8.1.
The decision to add devices powered by those operating systems was first announced a year ago. At the time, Microsoft said ATP’s Endpoint Detection & Response (EDR) functionality would be available for the older OSes by summer 2018.
Windows Defender ATP is a service that detects ongoing attacks on corporate networks, then follows up to investigate the attack or breach and provides response recommendations and attack remediation.
Software baked into Windows 10 detects attacks, while a central management console allows IT, administrators, to monitor the status of covered devices and react if necessary.
Adding the EDR client software to Windows 7 and Windows 8.1 PCs gives enterprise IT the same visibility into those machines as it has had into Windows 10 systems.
Both last year and last week, Microsoft explained the extension of ATP coverage as a way for companies to better protect their environments when they’re part way through a Windows 10 migration.
“To help customers stay secure while upgrading to Windows 10, we’ve built an EDR solution for Windows 7 and Windows 8.1 that is simple to deploy and seamless to end-users,” wrote Heike Ritter, a security product manager on the ATP team, in a post to a company blog.
Windows Defender ATP is a component within the most expensive Windows 10 licenses, such as those provided by the subscription-based Windows 10 Enterprise E5 or Microsoft 365 E5. (The company touts ATP as the differentiator between those SKUs (stock-selling units) and the tier-lower bundles.)
Microsoft now also sells ATP as an add-on to Microsoft 365 E3 – one of those lower-tier subscriptions – for an extra $12 per user per month.
Microsoft put into place the Windows 7 integration just 11 months before the operating system is set to fall off the company’s support list. (Windows 8.1 simply doesn’t matter; not only was it largely ignored by businesses, but its January 2019 user share was also only 6% of all Windows PCs.)
Given the late date – again, Microsoft originally had aimed for a mid-2018 launch date for inclusion of Windows 7 – the firm may be mostly counting on adoption by customers who will pay for extending Windows 7 support. That additional support, labeled “Windows 7 Extended Security Updates” (ESU), will be sold in one-year increments for up to three years, with prices ranging from $25 to $200 per PC per year.
Because Microsoft wants customers to migrate as many machines as possible to Windows 10’s Enterprise – the most expensive of the operating system’s editions – it discounts ESU to subscribers of Windows 10 Enterprise and Microsoft 365 Enterprise. Coincidentally, those are the same licenses – their E5 versions, specifically – that are required for Windows Defender ATP.
Microsoft may be hoping that ATP’s availability will prompt customers to obtain Windows 10 Enterprise or Microsoft 365 Enterprise licenses for their Windows 7 machines now, so that IT can configure the covered PCs now, rather than later, after support runs out.
More information about ATP and Windows 7, including instructions for including Windows 7 PCs in ATP monitoring, is available on Microsoft’s website.
This story, “Microsoft opens top-tier Defender ATP security to Windows 7 PCs” was originally published by Computerworld.
By Gregg Keizer. Senior Reporter, Computerworld | FEBRUARY 25, 2019