Protection models FAQ
What are protection models?
Protection models offer an additional level of customization to Endpoint Security product types. Current protection model include:
A la carte - Custom tailored by manual selection of additional features to align with your specific requirements.
Secure - Next-generation threat intelligence and prevention, and real-time threat hunting and incident response.
Secure Plus - Builds upon the Secure model, providing proactive incident response management services.
Secure Extra - Enhances the Secure Plus model, by enriching detection sources with intelligence across your infrastructure.
Important
The Secure Plus and Secure Extra protection models are specifically designed for Customer type companies.
If added to a partner's own use, the company will not benefit from the full range of features that are provided by the models.
What happens to preexisting Endpoint protection subscriptions?
Preexisting subscriptions are equivalated as A la carte protection models. The functionality, features, and products included in the subscription will remain the same.
Will Bitdefender EDR Standalone product type users be affected by this change?
No. Protection models are only available for the Endpoint Security product type.
Where can I find the protection model assigned to a company?
In the company details, under the Licensing tab, both under the Products for own use and, additionally, for partner type companies, the Products for reselling sections.
What protection models can a company distribute?
A company receives access to resell protection models in two ways:
Through the protection model assigned for own use. Based on the protection model assigned for own use, the company automatically receives access to resell certain protection models. For more information, refer to the table below.
Note
These protection models cannot be revoked from reselling.
Through the protection model assigned for reselling. Based on the selected protection model, the company receives access to resell certain protection models. For more information, refer to the table below.
Assigning a protection model to a company (either for own use or reselling), can provide access to distribute one or more protection models, as explained in the table below:
Protection model assigned | Enables company to resell |
---|---|
A la carte | A la carte |
Secure | Secure |
Secure Plus | Secure, Secure Plus |
Secure Extra | Secure, Secure Plus, Secure Extra |
How is monthly usage calculated for protection models?
Refer to Calculate the endpoint usage with the Monthly License Usage report for information and examples on how to calculate monthly usage for each protection model.
Each protection model provides the core protection feature, and may include additional add-ons or services. If they are not included in the protection model, you can purchase add-ons and services separately.
The following table contains a comprehensive list of protection models and what products they include:
Product | A la carte | Secure | Secure plus | Secure extra |
---|---|---|---|---|
Core protection | ||||
Advanced Threat Security (Fileless Attack Protection, HyperDetect & Sandbox Analyzer) | ||||
Endpoint Detection and Response | ||||
MDR Foundations | ||||
eXtended Detection and Response (Identity Providers & Productivity apps) | ||||
eXtended Detection and Response (Network, Cloud workloads, & Integrity Monitoring) | ||||
Security for Exchange | ||||
Email Security | ||||
Mobile Security | ||||
Full Disk Encryption | ||||
Security For Virtualized Environments | ||||
Container Protection | ||||
Patch Management |
Legend
- included in the protection model.
- optional and billed separately.
- incompatible with the protection model. Your company can not the product while subscribed to this protection model.
The Core protection includes the following modules and roles:
Antimalware (not listed in the report as it is installed by default on endpoints)
Advanced Threat Control
Advanced Anti-Exploit
Firewall
Content Control
Device Control
Network Attack Defense
Power User
Relay
How is my monthly usage calculated when I switch to a different protection model?
If a company has used multiple protection models for its own use during a month, a single one counts toward its monthly usage. From the list of used protection models, the one matching the highest on this list is taken into account:
Secure Extra
Secure Plus
Secure
A la carte
Is it possible to move to a partner whose portfolio does not include my current protection model?
No. The new partner's portfolio must align with or surpass what you currently use.
If you receive an error message when trying to change your managing partner, contact the company you wish to move under.
What happens when I move endpoints between companies with different protection models?
The protection model used by the destination company is applied to all moved endpoints. For more information refer to Move endpoints between companies.
How are features that are included in protection models going to be represented in monthly usage reports?
Individual endpoints will show Yes
under the column associated with the feature, however this will not count towards the total feature usage.
For example, if an endpoint is using the Secure Extra protection model and has the ATS module deployed, the ATS column associated with the endpoint will show Yes
, but the number under the ATS Usage column will not increase.
How are protection models implemented in API methods?
The following parameters and attributes have been implemented to facilitate the use of protection models:
assignedProtectionModel
- this field establishes what protection model is assigned to a company for its own use. Assigning a specific protection model to this parameter automatically adds specific protection models to the companies resell capabilities, as follows:Own use (
assignedProtectionModel
)Resell (
additionalProtectionModels
)aLaCarte
aLaCarte
mspSecure
mspSecure
mspSecurePlus
mspSecure
,mspSecurePlus
mspSecureExtra
mspSecure
,mspSecurePlus
,mspSecureExtra
Important
The values above, that are automatically assigned to
additionalProtectionModels
, cannot be removed through an API request. Attempting to do so will not result in an error message, but the values will not be removed. The only way to do so is to change theassignedProtectionModel
parameter.Note
If the
assignedProtectionModel
field is not mentioned when creating a company, depending on the protection models provided by the company's partner, the one matching the highest on this list is taken into account:A la carte
Secure
Secure plus
Secure extra
Note
The
assignedProtectionModel
parameter can only be used if theassignedProductType
parameter is set to0
(Endpoint Security)additionalProtectionModels
- determines what protection models a Partner can assign to their clients apart from the ones provided by theassignedProtectionModel
object.aLaCarte
mspSecure
mspSecurePlus
mspSecureExtra
This parameter is available when one of these conditions are met:
assignedProductType
=3
(Bitdefender EDR),additionalProductType
must include0
(Endpoint Security), andtype
=3
(monthly security).assignedProductType
=0
(Endpoint Security),type
=3
(monthly security), andassignedProtectionModel
is included in the request.
aLaCarteMonthlyUsage
- indicates the monthly usage for endpoints scanned with local engines that belong to companies that use the A la carte protection model.mspSecureMonthlyUsage
- indicates the monthly usage for endpoints scanned with local engines that belong to companies that use the Secure protection model.mspSecurePlusMonthlyUsage
- indicates the monthly usage for endpoints scanned with local engines that belong to companies that use the Secure Plus protection model.mspSecureExtraMonthlyUsage
- indicates the monthly usage for endpoints scanned with local engines that belong to companies that use the Secure Extra protection model.
Note
For a detailed list of modified methods refer to these release notes.