Protection plans and modules

To protect your data, you must create protection plans, and then apply them to your workloads.

A protection plan consists of different protection modules. Enable the modules that you need and configure their settings to create protection plans that meet your specific needs.

The following modules are available:

  • Backup. Backs up your data sources to a local or cloud storage.
  • Implementing disaster recovery. Launches exact copies of your machines in the cloud site and switches the workload from corrupted original machines to the recovery servers in the cloud.
  • Antivirus and Antimalware protection. Checks your workloads by using a built-in antimalware solution.
  • Endpoint Detection and Response (EDR). Detects suspicious activity on the workload, including attacks that have gone unnoticed, and generates incidents to help you understand how an attack happened and how to prevent it from happening again.
  • URL filtering. Protects your machines from threats originating from the Internet, by blocking access to malicious URLs and downloadable content.
  • Windows Defender Antivirus. Manages the settings of Windows Defender Antivirus to protect your environment.
  • Microsoft Security Essentials. Manages the settings of Microsoft Security Essentials to protect your environment.
  • Vulnerability assessment. Checks Windows, Linux, macOS, Microsoft third-party products, and macOS third-party products installed on your machines and notifies you about vulnerabilities.
  • Patch management. Installs patches and updates for Windows, Linux, macOS, Microsoft third-party products, and macOS third-party products on your machines, to resolve the detected vulnerabilities.
  • Data protection map. Discovers data in order to monitor the protection status of important files.
  • Device control. Specifies devices that users are allowed or prohibited to use on your machines.
  • Advanced Data Loss Prevention. Prevents leakage of sensitive data via peripheral devices (such as printers or removable storage), or through internal and external network transfers, based on a data flow policy.