Compare Microsoft endpoint security plans
Microsoft endpoint security plans, such as Microsoft Defender for Endpoint and Microsoft 365 Defender, were designed to help enterprise organizations prevent, detect, investigate, and respond to advanced threats. Microsoft Defender for Business and Microsoft 365 Business Premium provide similar capabilities, optimized for small and medium-sized businesses. These plans provide advanced threat protection with antivirus and antimalware protection, ransomware mitigation, and more, together with centralized management and reporting.
This article helps clarify what's included in the following plans:
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender Vulnerability Management add-on
- Microsoft Defender for Business
Important
This article provides a summary of threat protection capabilities in Microsoft endpoint security plans; however, it's not intended to be a service description or licensing contract document. For more detailed information, see the following resources:
Compare Microsoft endpoint security plans
The following table summarizes at a high level what's included in Microsoft endpoint security plans.
Tip
Mixed-licensing scenarios in Defender for Endpoint are now in preview! You can manage your subscription settings to use a combination of Defender for Endpoint Plan 1 and Plan 2 licenses across devices. See Manage Microsoft Defender for Endpoint subscription settings across client devices (preview!).
Mixed-licensing scenarios
A mixed-licensing scenario is a situation in which an organization is using a mix of subscriptions, such as Defender for Endpoint Plan 1 and Plan 2. The following table describes examples of mixed-licensing scenarios:
Scenario | Description |
---|---|
Mixed tenant | Use different sets of capabilities for groups of users and their devices. Examples include: - Defender for Endpoint Plan 1 and Defender for Endpoint Plan 2 - Microsoft 365 E3 and Microsoft 365 E5 |
Mixed trial | Try a premium level subscription for some users. Examples include: - Defender for Endpoint Plan 1 (purchased for all users), and Defender for Endpoint Plan 2 (a trial subscription has been started for some users) - Microsoft 365 E3 (purchased for all users), and Microsoft 365 E5 (a trial subscription has been started for some users) |
Phased upgrades | Upgrade user licenses in phases. Examples include: - Moving groups of users from Defender for Endpoint Plan 1 to Plan 2 - Moving groups of users from Microsoft 365 E3 to E5 |
If you have Defender for Endpoint Plan 1 and Plan 2 in your tenant, the ability to manage your subscription settings across client devices is now in preview! This new capability enables you to:
- Apply either Defender for Endpoint Plan 1 or Plan 2 settings to all your client devices; or
- Use mixed mode, and apply Defender for Endpoint Plan 1 settings to some client devices, and Defender for Endpoint Plan 2 to other client devices.
You can also use a newly added license usage report to track status.
For more information, including how to use mixed-licensing scenarios in your tenant, see Manage your Defender for Endpoint subscription settings across devices.
Note
Mixed-license scenarios are not currently supported for Microsoft Defender for Business. See What happens if I have a mix of Microsoft endpoint security subscriptions?
Options for onboarding servers
Defender for Endpoint Plan 1 and 2 (standalone), Defender for Business (standalone), and Microsoft 365 Business Premium don't include server licenses. To onboard servers, choose from the following options:
- Microsoft Defender for Servers Plan 1 or Plan 2 (recommended for enterprise customers) as part of the Defender for Cloud offering. To learn more. see Overview of Microsoft Defender for Servers.
- Microsoft Defender for Business servers (recommended for small and medium-sized businesses who have Microsoft Defender for Business). To learn more, see How to get Microsoft Defender for Business servers.
- Microsoft Defender for Endpoint for Servers (if you already have these licenses). See Defender for Endpoint onboarding Windows Server.
Start a trial
- To try Defender for Endpoint, go to the Defender for Endpoint trial sign-up page.
- To try the Microsoft Defender Vulnerability Management add-on for Defender for Endpoint Plan 2, visit https://aka.ms/AddonPreviewTrial.
Tip
If your organization is a small or medium-sized business, see What happens if I have a mix of Microsoft endpoint security subscriptions?
More resources
- Licensing and product terms for Microsoft 365 subscriptions.
- How to contact support for Defender for Endpoint.
- Get started with Microsoft Security (trial offers)
- Microsoft Defender for Endpoint
- Microsoft Defender for Business (endpoint protection for small and medium-sized businesses)
- Microsoft 365 licensing guidance for security & compliance
- Exclusions for Microsoft Defender for Endpoint and Microsoft Defender Antivirus
Feedback
Submit and view feedback for