Microsoft Defender Advanced Threat Protection (ATP)

[Fathi]

Hi,
Was someone able to integrate Microsoft's Defender Advanced Threat Protection (ATP) as scanning engine for PMG, now that its available for Linux ?

 

[BJ78945]

Hi,

you can add different products with the custom command script https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_custom_check. You have to edit the example script to let the defender scan your mail. But I don't know if it is the right solution. Other scanners would be better for Mailservers. But your idea sounds interesting. I would give it a try but I didn't find information on licensing for a mail proxy. Perhaps you have some information for that?

 

[Fathi]

Hi,

you can add different products with the custom command script https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_custom_check. You have to edit the example script to let the defender scan your mail. But I don't know if it is the right solution. Other scanners would be better for Mailservers. But your idea sounds interesting. I would give it a try but I didn't find information on licensing for a mail proxy. Perhaps you have some information for that?

I am also looking for the price/licence policy. Beeing available for linux doesn't necessarely mean it's free :-(

 

[BJ78945]

Also the use case must meet the license. I know some scanner which aren't developed for mail servers or not allowed to be used in mail proxies. Sometimes they also charge per mailbox. At the moment I think the build in avast interface and some other manufacturers by custom_check like ESET bring enough security.

 

[Urbanovits]

Try Security Onion Server with all bells and whistles.

 

[Kavynglepner]

I haven't personally integrated Defender ATP with PMG, but I've heard it's possible and adds an extra layer of security. Make sure to follow the official guidelines, and it should work smoothly. Also, the course on security operations analyst associate can be handy for you. Good luck with the setup!