Skip to main content
  • Login
  • Support
  • Partnerships
    • Partnerships Overview
    • Solution Provider Program
    • Technology Alliance Program
    • Distributor Program
N-able
  • Request a Quote
  • Try Now
    • N-able RMM
    • N-able N-central
    • N-able Backup
    • MSP Manager
    • N-able Mail Assure
    • N-able Passportal
    • N-able Risk Intelligence
    • N-able Take Control
Request quote
N-able
  • Products
    • Monitoring & Management
    • N-central Automate. Tackle complex networks. Get remote monitoring and management built for efficiency and scale.
    • RMM Start fast. Grow at your own pace. Try this powerful but easy remote monitoring and management solution.
    • Backup
    • Backup Get data protection for servers, workstations, applications, documents, and Microsoft 365 from one dashboard.
    • Security
    • EDR Defend against ransomware, zero-day attacks, and evolving threats with endpoint detection and response.
    • Mail Assure Leverage mail protection and archiving to keep your users safe from email threats and downtime.
    • Passportal Adopt and enforce best practices for password and documentation management with ease.
    • Tools & Services
    • MSP Manager Increase helpdesk efficiency with a robust PSA, ticketing, reporting, and billing management solution.
    • Take Control Help support customers and their devices with remote support tools designed to be fast and powerful.
    • View All
  • Solutions

    Solutions

    • Security Protect your customers and expand your business by offering layered security services without the complexity.
    • Monitoring Choose the right remote monitoring and management solution to meet you where you are and grow with you.
    • Operational Efficiency Boost profits by improving efficiency via automation, resources and training, and time-saving products.
    • IT Departments Keep your organization productive by easily managing IT from a single, easy-to-use, web-based dashboard.
    • Remote Monitoring Solutions Comparison Compare N-able RMM and N-central side by side. Sign up to talk to a specialist to find the right fit.
    • View All
  • Resources
    • Download
    • Resource Library
    • Product Information
    • Free Tools
    • Learn
    • MSP Institute Webinar Series
    • Daily Live Demos
    • MSP Advice Project
    • Ask the N-central Experts
    • Upcoming Webcasts
    • Connect
    • Blog
    • Security Resource Center
    • Events
    • RMM Foundations Training
  • About
    • Company
    • About Us
    • Leadership
    • Careers
    • News & Press
    • Awards & Recognition
    • Support & Policies
    • Customer Success
    • Customer Support
    • Legal
    • Security
    • Get in Touch
    • Contact
    • Get a Quote
    • Worldwide Sales & Support
  • IT Departments
  • Contact Sales
    • Contact Sales
    • General Inquiry
    • Get a Quote
    • Worldwide Sales & Support
    • Talk to Specialist
    • Security Solutions
    • Monitoring Solutions
    • Operational Efficiency
  • Try Now
    • Monitoring & Management
    • N-central
    • RMM
    • Backup
    • Security
    • EDR
    • Mail Assure
    • Passportal
    • Tools & Services
    • MSP Manager
    • Take Control
SolarWinds MSP is becoming Read More
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business Security EDR vs. Managed Antivirus: What You Need to Know
Security

EDR vs. Managed Antivirus: What You Need to Know

By Michael Tschirret
10 June, 2020

Layered security is undoubtedly the best defense in the face of current and future threats to your customers’ networks and end users. Within that model, you’ll hear two solutions discussed frequently as solutions to protect the end user: managed antivirus (MAV) and endpoint detection and response (EDR). Both offer benefits to the managed services providers (MSPs) but as the lines between the two blur, it’s difficult to know the difference between the two. The question asked most often is, “will EDR replace MAV?” Read on to learn more.

Either—not both

There’s debate about whether you can use MAV and EDR simultaneously, but they compete from a resource perspective—so it’s not recommended. In today’s post, we’ll discuss the advantages of both and when to deploy each solution to address your customer’s needs. 

Neither is a one-size-fits-all solution. They both address different issues. When deciding between the two, it’s important to consider several factors, including the type of business in need of protection, the end users, cost, etc. Since some of your customers may need MAV over EDR and vice versa, SolarWinds offers both solutions to help you provide the best level of service to your customers. 

MAV: solid protection at a great price point

CTA Image

N-able N-central

Try the powerful N-central solution for free.

Try It Free Learn More

According to Liberman Technologies, managed antivirus is “a centrally-managed software option that protects all of the computers at your business from virus threats.” With MAVs, MSPs handle automatic program updates and virus definition updates—so user intervention isn’t necessary. When a virus or malware is discovered, it’s immediately quarantined. It’s a simple, straightforward first line of defense for employees—it doesn’t require any technical knowledge and does a good job of turning away many threats.

MAV does require regular definition (virus signature) updates though—and therein lies the rub. The protection afforded by the program is only as good as the vendor’s updates. New threats arise daily and ensuring updates get pushed out in a timely fashion is truly a best-efforts scenario. Often, threats are discovered after the damage is done. 

Given this critical issue, why choose MAV? Well, there are several reasons. Clearly, ease of use is at the top of list. Zero intervention on your customer’s part is one less thing for them to worry about. It’s a good value proposition at an affordable price point, as we’ll see. Some additional benefits include:

  • One management source: The customer can look to the MSP as the single source for deployment, management, definition updates, and threat debriefings. This puts the MSP in a great position of trust which can lead to additional revenue in other areas. 
  • “Locked-down” security: MAV program policy allows for zero intervention from the end user. They can’t force an update or uninstall the program without the proper permissions.
  • 24/7 monitoring: You set the scan schedule, update the software, and push out definition updates. Again, it doesn’t require any intervention from your customers or end users. 
  • Fast remediation: You’re able to triage threats in real-time.
  • Cost: MAV is less expensive per seat than EDR. This is the second biggest selling point for MAV behind the effective protection aspect. But as we’ll point out, the margins are becoming slimmer. And given the threat environment we face today, your customer might find themselves in a position where they can’t afford not to pay for EDR.

EDR: Now we’re in the big leagues 

Let’s move on to the heavy hitter: EDR. If you missed last month’s post, here’s a quick recap: EDR is a multifaceted solution that does everything MAV can do, but takes things a step further—providing greater security and (most importantly) peace of mind. These include, but are not limited to:

  • Monitoring
  • Threat detection
  • Whitelisting/Blacklisting
  • Threat response
  • Integration with other cybersecurity solutions

Moving beyond threat detection and quarantine

EDR is centered on endpoint protection. And like MAV, MSPs manage it without requiring any input from the end user. Given the number of threats that spawn daily, managing large numbers of endpoints can be more difficult with antivirus and other point solutions. This is the point the differences between MAV and EDR come into sharp focus.

EDR is proactive. Comprised of monitoring software and endpoint agents, integrated machine learning and advanced artificial intelligence (AI) allows EDR to identify threat vectors that exhibit suspect behavior and address them before they’re acknowledged as harmful. Instead of relying on definition updates, it looks for abnormal behavior. For example, if several files change at the same time, it’s likely due to an endpoint assault. 

If you use SolarWinds® Endpoint Detection and Response (EDR), processing is done locally on the endpoint—unlike some other EDR vendors that require a resource and time-intensive uploads to the cloud for threat analysis and processing. You can recover quickly, in an automated fashion.

Tell me a story

It’s not enough to accept a threat has done damage—you want to ask yourself how and why we arrived at this point. This is where EDR really shines with active root cause analysis. SolarWinds EDR provides true context via a “visual storyline.” You can see what process spawned the attack as well as how it replicated and spread. You’ll also find answers to how the threat is constructed. This will drive actionable information to help the end user understand their part in allowing the threat to slip through, if applicable. 

The storyline unfolds in real-time as an attack occurs, but with EDR, you’re far from defenseless. Your recovery options include killing, quarantining, and remediating (rolling back) the attack—depending on how you’ve set up the agent for each end user. Think of the EDR agent as your personal SOC (security operations center) analyst. You can literally undo the damage done, rendering ransomware useless. 

In my next blog, I’ll tackle the question of whether to go for MAV or EDR. 

 

Michael Tschirret, Sr. Product Marketing Manager, EDR

 

Additional reading

What is EDR (Endpoint Detection and Response)?
Endpoint Detection and Response: Modern Weapons Against the Cybercriminals
CSAM: Remedies for Today’s Common Threats
You might also like...
Security

DearCry Ransomware Review 

Security

Endpoint security for Mac: What you need to know In 2021

Security

A guide to patch management policies for MSPs

Security

A Beginner's Guide to Unified Endpoint Management

Mail

How to Detect and Prevent Business Email Compromise

Security

Intrusion Detection System (IDS): Signature vs. Anomaly-Based

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts
  • DearCry Ransomware Review 
  • PSA vs ITSM vs ESM: Part 2—Which is the right fit for your MSP?
  • 4 ways PSA software helps MSP businesses
  • PSA vs ITSM vs ESM: Part 1—What do they do? 
  • Endpoint security for Mac: What you need to know In 2021
Categories:
  • Security (252)
  • Tips & Advice (130)
  • Backup & Disaster Recovery (97)
  • Best Practices (97)
  • Managed Services (89)
  • The Head Nerds (88)
  • Business Growth (79)
  • IT Support (43)
  • Business (42)
  • Automation (41)
  • Operations (38)
  • Cybersecurity (37)
  • Mail (37)
  • Remote Management (31)
  • ITSM (26)
  • Data (23)
  • Networking (22)
  • Cloud Computing (21)
  • PSA (16)
  • Marketing (15)
  • Product (11)
  • Service Desk (7)
  • Services & Support (5)
  • Mobile (4)
  • Risk Intelligence (4)
  • Customer Service (3)
  • GDPR (3)
  • Internet of Things (3)
  • Training (2)
  • Research & Trends (2)
  • LOGICcards (1)
  • Cybersecurity Awareness Month (1)
  • Business Risk (1)
Show moreless
N-able

Products
  • N-able RMM
  • N-able N-central
  • N-able Backup
  • N-able EDR
  • N-able MSP Manager
  • N-able Mail Assure
  • N-able Risk Intelligence
  • N-able Take Control
  • N-able Passportal
  • All Products Use Cases
Solutions
  • Security Solutions
  • Monitoring Solutions
  • Efficiency Solutions
  • Identify which RMM solution is right for me
  • Drive Efficiency with Automation
  • Manage my MSP Business More Efficiently
  • Manage my IT Department More Efficiently
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights
About
  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Subscription Preferences
  • COVID-19 Response
Support
  • N-able RMM
  • N-able N-central
  • N-able Backup
  • N-able Mail Assure
  • N-able Take Control
  • N-able MSP Manager
  • N-able Risk Intelligence
  • N-able Threat Monitor
  • N-able Passportal
  • N-able Take Control Downloads
  • Backup & Recovery Downloads
  • Service Status

Footer 2

  • Legal Documents
  • Privacy
  • California Privacy Rights
  • Security Information
  • Sitemap

© N-able Solutions ULC and N-able Technologies Ltd.
All rights reserved.