![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 34%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
210 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Thank you for posting your query on Microsoft Q&A, from above description I could see that you have purchased Defender for endpoint P2 and are looking for a way to block attacks from various networks (via hackers) on your enterprise network.
Please do correct me if this is not the ask by responding in the comments section.
Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. It would protect your endpoints by encrypting the data with BitLocker or stop attackers from accessing data on non-approved apps. It does not work directly on the networks which are being accessed but helps on the endpoints (windows, android iOS devices).
- However it has Endpoint behavioral sensors: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and send this sensor data to your private, isolated, cloud instance of Microsoft Defender for Endpoint.
- Using this with Advanced hunting provides a query-based threat-hunting tool that lets you proactively find breaches and create custom detections. Based upon the threat hunting results you may Take action.
UPDATE #1
Yes it does but its not an entire solution as it would be protecting the endpoints only.
PFB Network protection coverage of Defender for endpoint:
Kindly refer to https://www.microsoft.com/en-us/videoplayer/embed/RE4r4yZ?postJsllMsg=true to understand how it reduces attack surface of your devices from phishing scams, exploits, and other malicious content.
You may follow any of the steps from Enable network protection documentation to enable network protection.
- In order to block the access from unverified networks you must try using Microsoft SSE solution Global Secure Access. It has two offerings Microsoft Entra Internet Access and Microsoft Entra Private Access.
Microsoft Entra Internet Access offers following key features:
- Prevent stolen tokens from being replayed with the compliant network check-in Conditional Access.
- Enriched logs with network and device signals currently supported for SharePoint Online traffic.
- Improve the precision of risk assessments on users, locations, and devices.
- Acquire network traffic from the desktop client or from a remote network, such as a branch location.
- Dedicated public internet traffic forwarding profile.
- Protect user access to the public internet while using Microsoft's cloud-delivered, identity-aware SWG solution.
- Apply universal Conditional Access policies for all internet destinations, even if not federated with Microsoft Entra ID, through integration with Conditional Access session controls.
Microsoft Entra Private Access offers following Key features
- Zero Trust based access to a range of IP addresses and/or Fully Qualified Domain Names (FQDNs) without requiring a legacy VPN. This feature is known as Quick Access.
- Per-app access for Transmission Control Protocol (TCP) apps (User Datagram Protocol (UDP) support in development).
Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.
Thanks,
Akshay Kaushik