Research - Application Comparisons

• Defender for Office 365 Plan 2 vs Mimecast

Defender for Office 365 Plan 2 vs Mimecast

Defender for Office 365 Plan 2 Pros and Cons

Pros	Cons
End to end XDR and traces including giving a holistic view of payloads clicked from an email. Can utilize this to then remove messages from user inboxes.	Steep learning curve. Will need training for new and existing staff to implement and manage.
All in one solution for XDR.	Many tasks are only able to be done using Powershell. This results in time wasted if you don't know Powershell well and/or need to look up commands. It also adds challenge to training new staff and existing since they also need to learn Powershell as well.
	"High Confidence" phishing and spam is auto blocked by Microsoft with little ability for admins to control or manage this. There is no "white list" for these emails and the only way to "force" them to get delivered is by submitting them to Microsoft every 30 days until they white list them on their back end.
	More difficult to learn how to effectively use than Mimecast.
	Poor or outdated documentation. Difficult to find help for basic tasks or general setup.
	No specific "Graymail" filtering. Using the sliders Microsoft provides can quickly create false positives at higher levels of filtering.
	Requires significant setup and understanding of M365, Defender, Azure, Mail Flow.
	Much more complex and confusing interface requiring access to at least four different admin panels to manage and maintain (M365/Exchange/Security/Compliance).
	Not optimized or configured "out of the box".

Mimecast Pros and Cons

Pros	Cons
Can manage multiple tenants outside of our Azure tenant in a "single pane of glass". Multi-tenant potential exists to include EXOs in Mimecast filtering while still passing mail to M365 or existing mail servers.	Additional cost beyond the E5 licenses we'll be paying for.
Easier to learn and start managing compared to M365.	Requires understanding of mail flow from the internet to Mimecast, to M365.
Much simpler interface.	Simple setup that by default turns on "best practices" "out of the box".
Closer to "set it and forget it" when setup properly.

Layered Approach Pros and Cons (Expanding Current M365 Functionality)

Pros	Cons
Exceptional filtering results.	Steep learning curve to utilize both. Will require training for all new and existing staff as well as exceptional documentation on how things are setup for our environment.
Multi-tenant potential exists to include EXOs in Mimecast filtering while still passing mail to M365 or existing mail servers.	Extreme complexity.
	No "single pane of glass".
	Increased chance of false positives.
	Increased cost.

Configuring Microsoft Defender vs Mimecast

Mimecast vs ProofPoint vs Defender 365

Mimecast or Windows Defender for 365?

What is the best email security solution, M365 E5 License or Mimecast Email Security?