Its still a very new tool so I don't think there will be many running it on mass yet.
After seeing many demo's since last years JNUC i'm finally now running a small POC for it (along with a few other EDR vendors products now doing behaviour analytics).
Jamf Protect has some really great features and so far its been zero day for any of the OS updates (even had no issues running it with beta 1 of BigSur), integrates into Jamf Pro for EDR automation and fills a big gaps for the macOS environment that all the other cross platform tools ive used from other major vendors don't address.
It also has a very low CPU, Memory and Energy overhead from its agent.
However its a strange product to pigeon-hole into a certain segment as it as it spans across quite a few areas like EDR, EPP, DLP but I cant see it replacing a traditional AV tool in its current form without some risk as its doesn't do traditional AV scanning.
As its leveraging the standard Apple builtin tools of Xprotect, MRT, Gatekeeper etc.. (which seem only kick into action when executing a program), I am currently seeing this as a supplementary tool to use with something else more traditional like Microsoft ATP etc..
We plan to use all the tools in the Microsoft EMS suite as it pretty much a one stop shop and covers everything if you're running Windows 10, but its very limited on what it can do with macOS with anything other than traditional AV.
At the moment I'm edging towards using ATP for traditional AV scanning (seeing licensing its covered with our Microsoft E3+EMS license) along with Jamf Protect to cover all the gaps that ATP leaves wide open.
The current negative is pricing.
Its not cheap by any standards but when placed against other vendors that offer cross platform is starts to look expensive.
But it's the same story with Jamf Pro when you're already a Microsoft house.
As Intune it pretty much free if your a O365 customer, can do basic Mac MDM management with that, but ideally you have Intune+Jamf Pro for advance workflows and its the best of both worlds for macOS (specially if you're implementing Conditional Access).
Jamf Protect also suffers the same issue, as you can do basic security with Microsoft ATP for macOS, but ideally its ATP+Protect to provide the best solution for macOS, which is when starts becoming expensive.
Ok. We are considering running Bitfender just for the scanning piece. We have licensing through February so cost won’t factor in for now. Some folks are saying JamF Protect is enough but I’m torn.
Im using Jamf Protect for around 2 months now. Since most users are home office and the ESET antivirus price was almos the same.
Got to say it works, but we have never (that we are aware of) had security issues with our users computers (apart from Windows ones).
CPU is low (unlike some antivirus we tried) and love the detailed alerts (you dont get this on normal antivirus).
Integration with Jamf Pro is ok, looks like would be improved in the near future.
Creating new analytics to detect other ways of security breaches is not really straight forward and easy but hope will be more documentation and easier way to implement then soon.
I also think (and my Security Officer also) that it doesnt protect from all. But it is the same with the Antivirus and you can share with the developers any attacks you might think are missing and they will analyse them and try to add them
I'd agree that it's definitely a good sidepiece to something like Defender ATP. My CISO was pretty disappointed Defender couldn't do automatic remediation on macOS, but Protect does just that (on enrolled Macs at least).
We had looked at it and currently have it stood up in our test environment. From what my security team is telling me it is really not a complete product yet so I dont think they will pursue using it at this time. JAMF has been very receptive of recommendations and criticism but it does not seem like its ready to be a paid product just yet.
I am using it for the past 5 months Since we rolled out 1200 Student Devices in my District. Protect is a great Tool for getting insight in to the the APPLE Embedded Softwares as well as Protecting against some knows OS X threats. We have been having some good success with this tool and plan to be able to integrate it deeper with PRO.
We just replaced Sophos with Protect because of how horribly Sophos runs on Macs. When we removed Sophos, the majority of our Mac's battery life went up anywhere from 30 minutes to 2 hours in some cases. Performance increased immensely according to our developer users.
I always find it humorous when "Security Teams" make claims like "It doesn't cover everything" like there's some tool out there that REALLY does. Especially without completely dogging down your systems to the point where paying for the extra RAM and CPU on Mac's was a complete waste of money because their AV product sucks it to zero benefit.
There's no perfect "one-solution-fits-all" option out there, but for the vast vast majority of threats going against Mac OS, Protect does what it's supposed to do. We are very happy with it so far.
Yep. This is kind of my philosophy as well. Currently a combo with Cylance, but I hope to pull back on that in the future. Would be nice to run only this, but I will see how this rolls over the next few months.