Has anyone tried Windows 10 Enterprise?

[Hi Brothers]

So, if you go here , choose ISO Enterprise, and enter random stuff in the fields, you can download Windows 10 Enterprise for a free 90 day trial. I don't know if the trial links to your motherboard or to your current windows 10 license key or something else, I'll check that for sure when I install it. And of course, enterprise comes with all of the goodies:


Windows Defender Application Guard - supposedly makes edge basically immune to malware, I found this article that gives more info

Windows Defender Application Control - something like an anti-exe but much better? Not sure about the details

Hypervisor-protected code integrity / Virtualization-based protection of code integrity - "Virtualization Based Security uses the Windows Hypervisor to provide support for security services. Virtualization Based Security requires Secure Boot, and can optionally be enabled with the use of DMA Protections. DMA protections require hardware support and will only be enabled on correctly configured devices. Enables virtualization based protection of Kernel Mode Code Integrity. When this is enabled, kernel mode memory protections are enforced and the Code Integrity validation path is protected by the Virtualization Based Security feature.The "Enabled with UEFI lock" option ensures that Virtualization Based Protection of Code Integrity cannot be disabled remotely. Credential Guard - This setting lets users turn on Credential Guard with virtualization-based security to help protect credentials. The "Enabled with UEFI lock" option ensures that Credential Guard cannot be disabled remotely"

Block untrusted fonts in an enterprise - "Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process" seems useful to me

Windows Defender Advanced Threat Protection - the holy mother of all that is sacred, what more to say?


There's a lot more features that I missed, but these are the main ones (did I miss anything else important?)
What do you guys think, is it worth trying windows 10 Enterprise as a home user?

 

[Sunshine-boy]

enterprise comes with all of the goodies:

They are paid not free!

 

[Hi Brothers]

They are paid not free!

But don't you get a free trial?

 

[Sunshine-boy]

But whats the point? it will finish anyway:notworthy:
Better to try a trial version of Kaspersky internet security why? because Kaspersky IS has Windows Defender Application control(Even better)+WD ATP plus more...
But not Device guard(Hyper-v) or Application Guard! App Guard is smth like Comodo sandbox!nothing special here.
from what I know The only difference between Windows Defender App control and anti-Exe is WD App ctrl has a reputation service But Anti-Exe doesn't.
I can get windows defender Enterprise E5 all for free=Vmare+NVT Erp beta+Eset Is!
Avast free+comodo firewall= like you have windows defender enterprise E5 but all for free.

 

[Hi Brothers]

But whats the point? it will finish anyway:notworthy:

We can figure something out

 

[DeepWeb]

I have Windows 10 Enterprise. Those features are highly overrated, buggy and CPU hogging to my disappointment. I upgraded thinking that I would turn them on, but ultimately I turned all of them off because they add 2% CPU usage to every process, break programs and even Windows features. They also add delay to boot time and logon. It's all bad. I guess this was Microsoft's way to lure companies to use 10 Enterprise instead of 10 Pro. If you have 10 Pro you are not missing out on anything.

-Windows Defender Application Guard: Microsoft Edge in a virtualized sandbox. And only Edge. Very buggy. For me, Windows would just freeze after 5 min. You will be able to use it in Windows 10 Pro with the next April Update.
-Windows Defender Application Control: Not straightforward even with documentation. There is no dedicated graphical interface, it's all in Group Policy which is my favorite place to go of course...
-Hypervisor enforced code integrity: Adds CPU cycles to every processes. Breaks antiviruses (Zemana) or slows them down (EAM) because they need to hook kernel space which is now shielded off. And it breaks drivers that also need to get into that kernel space (CPU Microupdate Kernel Driver).
-Block untrusted fonts: Like I said I was really thinking that this would be different but it's the exact same as Windows 10 Pro. Zero difference. You can actually enable it in 10 Pro and since Creators Update, this feature is no longer needed because Windows will no longer allow fonts to execute malware as I understand it.
-Windows Defender ATP: Oh I thought I would get it with my license, but the only way to get it is to get a volume license for a big corporation which requires a subscription fee. So not even all companies get it.

 

[Hi Brothers]

-Windows Defender Application Guard: Microsoft Edge in a virtualized sandbox. And only Edge. Very buggy. For me, Windows would just freeze after 5 min. You will be able to use it in Windows 10 Pro with the next April Update.

It's already april 27th, can I download/install this update?

-Windows Defender Application Control: Not straightforward even with documentation. There is no dedicated graphical interface, it's all in Group Policy which is my favorite place to go of course...

Cmon now, if a feature is good you're not gonna use it cuz it doesn't have a GUI? Don't let this stop you

-Hypervisor enforced code integrity: Adds CPU cycles to every processes. Breaks antiviruses (Zemana) or slows them down (EAM) because they need to hook kernel space which is now shielded off. And it breaks drivers that also need to get into that kernel space (CPU Microupdate Kernel Driver)

I only use Microsoft Defender (along with other windows security features, and VS), so hopefully it doesn't break that

I haven't installed the cpu bios spectre microupdate (CVE-2017-5715) I have the meltdown update, CVE-2017-5754, enabled on my PC. As for CVE-2017-5753, that's included in the windows update just like meltdown, except it's not configurable, also doesn't require a microupdate. So I imagine you must be talking about 5715, in which case it's all good for me

-Block untrusted fonts: Like I said I was really thinking that this would be different but it's the exact same as Windows 10 Pro. Zero difference. You can actually enable it in 10 Pro and since Creators Update, this feature is no longer needed because Windows will no longer allow fonts to execute malware as I understand it.

I'm gonna do more research on this one

-Windows Defender ATP: Oh I thought I would get it with my license, but the only way to get it is to get a volume license for a big corporation which requires a subscription fee. So not even all companies get it.

Damn that sucks, ATP is the biggest reason to get enterprise...

 

[Deleted member 178]

There is a reason why "Enterprise" versions are made for bah...enterprises...

 

[Hi Brothers]

There is a reason why "Enterprise" versions are made for bah...enterprises...

We're cheating the system

 

[DeepWeb]

There is a reason why "Enterprise" versions are made for bah...enterprises...

To overcharge enterprises for useless features.

 

[shmu26]

It is exactly what the Mafia calls "protection money".
Micro$oft creates thugs such as Powershell and WMI, and offers to "protect" you from them, if you are willing to pay for advanced "protection".
Protection money, as simple as that.

 

[upnorth]

Thanks for the share @Hi Brothers as I can use this for testing purposes on one of my machines.

 

[Bleak]

Aside from the features, Enterprise is what Win10 should have been, talking about M$ bloated apps in Home, Pro editions.
In Enterprise, you don't get any of M$ apps, like store, cortana etc. Even more if you get the N editions it won't have MFP (Media Feature Pack) so no pre-installed apps like Windows Media Player, Skype, Music, Video, Video Recorder. I think that's would matter to a home user, personally W10 Enterprise N is the only 10 edition I would use.

Keep in mind that Enterprise editions are not receiving Feature updates as Home and Pro, and only receiving Security updates, it is currently on version 1607. More: Windows 10 release information

 

[Hi Brothers]

Keep in mind that Enterprise editions are not receiving Feature updates as Home and Pro, and only receiving Security updates, it is currently on version 1607. More: Windows 10 release information

Huh, I didn't know that... The first thing I do when I first go on my PC every day, is to check SUMO for updates and go to Windows 10 Update History to see if there's a new version, I'm currently on 1709, 16299.402, I updated as soon as it was available

Version 1607 is way behind 1709, that's a lot of features missing, might not be a worthwhile trade-off for the extra security Enterprise gives. If what DeepWeb said about Enterprise with its performance and compatibility problems is true, then Enterprise is definitely not worth it, especially if Edge virtualization is coming soon to Windows 10 Pro, I'll definitely be switching to edge for the added security, I already like it for its simplicity, although the few password manager extensions that can be installed on edge all have an issue of some kind, that's the only reason I'm still using chrome

 

[Bleak]

Huh, I didn't know that... The first thing I do when I first go on my PC every day, is to check SUMO for updates and go to Windows 10 Update History to see if there's a new version, I'm currently on 1709, 16299.402, I updated as soon as it was available

Version 1607 is way behind 1709, that's a lot of features missing, might not be a worthwhile trade-off for the extra security Enterprise gives. If what DeepWeb said about Enterprise with its performance and compatibility problems is true, then Enterprise is definitely not worth it, especially if Edge virtualization is coming soon to Windows 10 Pro, I'll definitely be switching to edge for the added security, I already like it for its simplicity, although the few password manager extensions that can be installed on edge all have an issue of some kind, that's the only reason I'm still using chrome

The performance issue is more likely personal, on one of my Workstation machines there's no slow down, and logically less M$ bloat should result in a more smoother system usage.
Also note that it also comes without Edge (LTSB), so you have to take a bit of time and install Store, then install Edge, then you can install other Store apps if you like. There's a way with that to use a script to install Store, but I'm not sure if this way is legal or no.. but I personally think that if one is going to do that, you may as well just use Home or Pro editions.

 

[shmu26]

@Hi Brothers, Chrome is really quite safe, especially if you enable a few flags.
It has been years since home users were hit by Chrome exploits.
Every once in a while, you hear about targeted attacks on Korean diplomats and stuff like that, due to a Flash vulnerability.
Those zero-days are worth a million dollars. They won't be wasted on home users; they are only used for high-value targets.

 

[Hi Brothers]

@Hi Brothers, Chrome is really quite safe, especially if you enable a few flags.
It has been years since home users were hit by Chrome exploits.
Every once in a while, you hear about targeted attacks on Korean diplomats and stuff like that, due to a Flash vulnerability.
Those zero-days are worth a million dollars. They won't be wasted on home users; they are only used for high-value targets.

Yeah, but if I'm going to use edge anyway, why not get extra security, right? As soon as any of the password managers fix their issues, I'm going to switch to edge, I just like how simple it looks and feels, just like when I switched from Kaspersky to Windows Defender, kaspersky had a ton of settings and stuff that you had to constantly adjust, defender is just like open it once, configure the options and then forget it even exists, and it feels faster too, same thing with appguard and VS, one is like a labyrinth and the other is a straight path. Also, Defender is already included with Windows, so it feels good just cuz of that reason alone, the simpler the better, what's simpler than using in-built software

I've been using Chrome for so long, using a different browser just for the sake of it feeling new would be nice, and edge's design really nails the simplicity, it looks polished and clean, although I'll miss the "right click > translate" thing on chrome and a few other small features