We are currently deploying ENS 10.5.3 and are thinking of singing up for the ATP.
We were told TIE should be included when using ATP. Does anyone have any experience using ATP without TIE? Is it that horrible?
Can you even licence the ATP (Realprotect) without the TIE licence? Does not mnake any sense except customer has no money at all but you want the ransomware protection from the ATP module. We alwayse sell together.
Depends on how large your environment is.
The big reason you would want TIE is for whitelisting for DAC/RP. You can do DAC exclusions in the policy, but TIE is much more effective, and adding TIE/DXL opens the door for MAR, which with triggers and ENS Expert Rules you can start to do some really cool things to stop zero day attacks.