mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-20 21:03:42 +00:00
from master
This commit is contained in:
Joey Caparas
@ -6,7 +6,7 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
author: Justinha
|
||||
ms.date: 10/27/2017
|
||||
ms.date: 11/06/2018
|
||||
---
|
||||
|
||||
# Overview of BitLocker Device Encryption in Windows 10
|
||||
@ -14,7 +14,7 @@ ms.date: 10/27/2017
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
|
||||
This topic explains how BitLocker Device Encryption can help protect data on devices running Windows 10.
|
||||
This topic explains how BitLocker Device Encryption can help protect data on devices running Windows 10.
|
||||
For an architectural overview about how BitLocker Device Encryption works with Secure Boot, see [Secure boot and BitLocker Device Encryption overview](https://docs.microsoft.com/windows-hardware/drivers/bringup/secure-boot-and-device-encryption-overview).
|
||||
For a general overview and list of topics about BitLocker, see [BitLocker](bitlocker-overview.md).
|
||||
|
||||
@ -84,13 +84,13 @@ Exercise caution when encrypting only used space on an existing volume on which
|
||||
|
||||
SEDs have been available for years, but Microsoft couldn’t support their use with some earlier versions of Windows because the drives lacked important key management features. Microsoft worked with storage vendors to improve the hardware capabilities, and now BitLocker supports the next generation of SEDs, which are called encrypted hard drives.
|
||||
Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC’s processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use whole-drive encryption with Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements.
|
||||
For more information about encrypted hard drives, see [Encrypted Hard Drive](/windows/security/hardware-protection/encrypted-hard-drive.md).
|
||||
For more information about encrypted hard drives, see [Encrypted Hard Drive](../encrypted-hard-drive.md).
|
||||
|
||||
## Preboot information protection
|
||||
|
||||
An effective implementation of information protection, like most security controls, considers usability as well as security. Users typically prefer a simple security experience. In fact, the more transparent a security solution becomes, the more likely users are to conform to it.
|
||||
It is crucial that organizations protect information on their PCs regardless of the state of the computer or the intent of users. This protection should not be cumbersome to users. One undesirable and previously commonplace situation is when the user is prompted for input during preboot, and then again during Windows logon. Challenging users for input more than once should be avoided.
|
||||
Windows 10 can enable a true SSO experience from the preboot environment on modern devices and in some cases even on older devices when robust information protection configurations are in place. The TPM in isolation is able to securely protect the BitLocker encryption key while it is at rest, and it can securely unlock the operating system drive. When the key is in use and thus in memory, a combination of hardware and Windows capabilities can secure the key and prevent unauthorized access through cold-boot attacks. Although other countermeasures like PIN-based unlock are available, they are not as user-friendly; depending on the devices’ configuration they may not offer additional security when it comes to key protection. For more information, see [BitLocker Countermeasures](bitlocker-countermeasures.md) and [Choose the right BitLocker countermeasure](choose-the-right-bitlocker-countermeasure.md).
|
||||
Windows 10 can enable a true SSO experience from the preboot environment on modern devices and in some cases even on older devices when robust information protection configurations are in place. The TPM in isolation is able to securely protect the BitLocker encryption key while it is at rest, and it can securely unlock the operating system drive. When the key is in use and thus in memory, a combination of hardware and Windows capabilities can secure the key and prevent unauthorized access through cold-boot attacks. Although other countermeasures like PIN-based unlock are available, they are not as user-friendly; depending on the devices’ configuration they may not offer additional security when it comes to key protection. For more information, see [BitLocker Countermeasures](bitlocker-countermeasures.md).
|
||||
|
||||
## Manage passwords and PINs
|
||||
|
||||
|
||||
@ -8,7 +8,7 @@ ms.mktglfcycl: explore
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: justinha
|
||||
ms.date: 06/18/2018
|
||||
ms.date: 11/08/2018
|
||||
ms.localizationpriority: medium
|
||||
---
|
||||
|
||||
@ -24,6 +24,10 @@ With the increase of employee-owned devices in the enterprise, there’s also an
|
||||
|
||||
Windows Information Protection (WIP), previously known as enterprise data protection (EDP), helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps. Finally, another data protection technology, Azure Rights Management also works alongside WIP to extend data protection for data that leaves the device, such as when email attachments are sent from an enterprise aware version of a rights management mail client.
|
||||
|
||||
## Video: Protect enterprise data from being accidentally copied to the wrong place
|
||||
|
||||
> [!Video https://www.microsoft.com/en-us/videoplayer/embed/RE2IGhh]
|
||||
|
||||
## Prerequisites
|
||||
You’ll need this software to run WIP in your enterprise:
|
||||
|
||||
|
||||
@ -97,4 +97,4 @@ Here, you can copy the **WipAppid** and use it to adjust your WIP protection pol
|
||||
When working with WIP-enabled apps and WIP-unknown apps, it is recommended that you start with **Silent** or **Allow overrides** while verifying with a small group that you have the right apps on your allowed apps list. After you're done, you can change to your final enforcement policy, **Block**. For more information about WIP modes, see: [Protect enterprise data using WIP: WIP-modes](protect-enterprise-data-using-wip.md#bkmk-modes)
|
||||
|
||||
>[!NOTE]
|
||||
>Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Editing Windows IT professional documentation](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md).
|
||||
>Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Editing Windows IT professional documentation](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md).
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Change history for Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
title: Change history for [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
description: This topic lists new and updated topics in the WWindows Defender ATP content set.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -13,7 +13,7 @@ ms.date: 10/04/2018
|
||||
---
|
||||
|
||||
# Threat Protection
|
||||
Windows Defender Advanced Threat Protection (Windows Defender ATP) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Windows Defender ATP protects endpoints from cyber threats; detects advanced attacks and data breaches, automates security incidents and improves security posture.
|
||||
[Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Windows Defender ATP protects endpoints from cyber threats; detects advanced attacks and data breaches, automates security incidents and improves security posture.
|
||||
|
||||
<center><h2>Windows Defender ATP</center></h2>
|
||||
<table>
|
||||
@ -63,8 +63,8 @@ To further reinforce the security perimeter of your network, Windows Defender AT
|
||||
|
||||
<a name="edr"></a>
|
||||
|
||||
**[Endpoint protection and response](windows-defender-atp/overview-endpoint-detection-response.md)**<br>
|
||||
Endpoint protection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
|
||||
**[Endpoint detection and response](windows-defender-atp/overview-endpoint-detection-response.md)**<br>
|
||||
Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
|
||||
|
||||
- [Alerts](windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
- [Historical endpoint data](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 14 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 25 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 9.5 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 14 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 22 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 10 KiB |
@ -1,14 +1,14 @@
|
||||
---
|
||||
title: Top scoring in industry antivirus tests
|
||||
description: Windows Defender Antivirus consistently achieves high scores in independent tests. View the latest scores and analysis.
|
||||
keywords: security, malware, av-comparatives, av-test, av, antivirus
|
||||
keywords: security, malware, av-comparatives, av-test, av, antivirus, windows, defender, scores
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: secure
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: medium
|
||||
ms.author: ellevin
|
||||
author: levinec
|
||||
ms.date: 09/05/2018
|
||||
ms.date: 11/07/2018
|
||||
---
|
||||
|
||||
# Top scoring in industry antivirus tests
|
||||
@ -18,20 +18,22 @@ ms.date: 09/05/2018
|
||||
We want to be transparent and have gathered top industry reports that demonstrate our enterprise antivirus capabilities. Note that these tests only provide results for antivirus and do not test for additional security protections.
|
||||
|
||||
In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). Windows Defender Antivirus is part of the [next generation](https://www.youtube.com/watch?v=Xy3MOxkX_o4) Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports)) security stack which addresses the latest and most sophisticated threats today. In many cases, customers might not even know they were protected. That's because Windows Defender Antivirus detects and stops malware at first sight by using [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies.
|
||||
|
||||
> [!TIP]
|
||||
> Learn why [Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise?ocid=cx-docs-avreports).
|
||||
|
||||
<br></br><br></br>
|
||||
|
||||
|
||||
## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test
|
||||
|
||||
The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the Protection category which has two scores: Real-World Testing and the AV-TEST reference set (known as "Prevalent Malware").
|
||||
> [!NOTE]
|
||||
> [Download our latest analysis: Examining the AV-TEST July-August results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y)
|
||||
|
||||
### May-June 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I?ocid=cx-docs-avreports) <sup>**Latest**</sup>
|
||||
### July-August 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/august-2018/microsoft-windows-defender-antivirus-4.12--4.18-183212/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y)
|
||||
|
||||
Windows Defender Antivirus achieved an overall Protection score of 6.0/6.0, detecting 100% of 5,790 malware samples. With the latest results, Windows Defender Antivirus has achieved 100% on 10 of the 12 most recent antivirus tests (combined "Real-World" and "Prevalent malware").
|
||||
Windows Defender Antivirus achieved an overall Protection score of 6.0/6.0, detecting 100% of 20,022 malware samples. With the latest results, Windows Defender Antivirus has achieved 100% on 14 of the 16 most recent antivirus tests (combined "Real-World" and "Prevalent malware").
|
||||
|
||||
### May-June 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I?ocid=cx-docs-avreports)
|
||||
|
||||
Windows Defender Antivirus achieved an overall Protection score of 6.0/6.0, detecting 100% of 5,790 malware samples.
|
||||
|
||||
### March-April 2018 AV-TEST Business User test: [Protection score 5.5/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports)
|
||||
|
||||
@ -43,26 +45,31 @@ Windows Defender Antivirus achieved an overall Protection score of 6.0/6.0, with
|
||||
|
||||
|||
|
||||
|---|---|
|
||||
|||
|
||||
|||
|
||||
<br></br>
|
||||
|
||||
|
||||
|
||||
## AV-Comparatives: Perfect protection rating of 100% in the latest test
|
||||
## AV-Comparatives: Protection rating of 99.8% in the latest test
|
||||
|
||||
AV-Comparatives is an independent organization offering systematic testing for security software such as PC/Mac-based antivirus products and mobile security solutions.
|
||||
|
||||
### Real-World Protection Test July (Consumer): [Protection Rate 100%](https://www.av-comparatives.org/tests/real-world-protection-test-july-2018-factsheet/) <sup>**Latest**</sup>
|
||||
### Real-World Protection Test August - September (Enterprise): [Protection Rate 99.8%](https://www.av-comparatives.org/tests/real-world-protection-test-enterprise-august-september-2018-testresult/) <sup>**Latest**</sup>
|
||||
|
||||
The results are based on testing against 186 malicious URLs that have working exploits or point directly to malware.
|
||||
This test, as defined by AV-Comparatives, attempts to assess the effectiveness of each security program to protect a computer against active malware threats while online.
|
||||
The test set contained 599 test cases (such as malicious URLs).
|
||||
|
||||
### Malware Protection Test August 2018 (Enterprise): [Protection Rate 99.9%](https://www.av-comparatives.org/tests/malware-protection-test-enterprise-august-2018-testresult/)
|
||||
|
||||
This test, as defined by AV-Comparatives, attempts to assesses a security program’s ability to protect a system against infection by malicious files before, during or after execution. The results are based on testing against 1,556 malware samples.
|
||||
|
||||
### Real-World Protection Test March - June (Enterprise): [Protection Rate 98.7%](https://www.av-comparatives.org/tests/real-world-protection-test-enterprise-march-june-2018-testresult/)
|
||||
|
||||
This test, as defined by AV-Comparatives, attempts to assess the effectiveness of each security program to protect a computer against active malware threats while online.
|
||||
The test set contained 1,163 test cases (such as malicious URLs).
|
||||
|
||||
### Malware Protection Test March 2018 (Enterprise): [Protection Rate 99.9%](https://www.av-comparatives.org/tests/malware-protection-test-enterprise-march-2018-testresult/)
|
||||
|
||||
This test, as defined by AV-Comparatives, attempts to assesses a security program’s ability to protect a system against infection by malicious files before, during or after execution.
|
||||
For this test, 1,470 recent malware samples were used.
|
||||
|
||||
[Historical AV-Comparatives Microsoft tests](https://www.av-comparatives.org/vendors/microsoft/)
|
||||
<br></br>
|
||||
|
||||
@ -16,7 +16,7 @@ Malware is a term used to describe malicious applications and code that can caus
|
||||
|
||||
Cybercriminals that distribute malware are often motivated by money and will use infected computers to launch attacks, obtain banking credentials, collect information that can be sold, sell access to computing resources, or extort payment from victims.
|
||||
|
||||
As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Windows Defender Advanced Threat Protection (Windows Defender ATP), businesses can stay protected with next-generation protection and other security capabilities.
|
||||
As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf), businesses can stay protected with next-generation protection and other security capabilities.
|
||||
|
||||
For good general tips, check out the [prevent malware infection](prevent-malware-infection.md) topic.
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@ Jenxcus (also known as Dunihi), Gamarue (also known as Androm), and Bondat have
|
||||
|
||||
* **Gamarue** typically arrives through spam campaigns, exploits, downloaders, social networking sites, and removable drives. When Gamarue infects a device, it becomes a distribution channel for other malware. We’ve seen it distribute other malware such as infostealers, spammers, clickers, downloaders, and rogues.
|
||||
|
||||
* **Bondat** typically arrives through fictitious Nullsoft Sciptable Install System (NSIS) Java installers and removable drives. When Bondat infects a system, it gathers information about the machine such as device name, Globally Unique Identifier (GUID), and OS build. It then sends that information to a remote server.
|
||||
* **Bondat** typically arrives through fictitious Nullsoft Scriptable Install System (NSIS), Java installers, and removable drives. When Bondat infects a system, it gathers information about the machine such as device name, Globally Unique Identifier (GUID), and OS build. It then sends that information to a remote server.
|
||||
|
||||
Both Bondat and Gamarue have clever ways of obscuring themselves to evade detection. By hiding what they are doing, they try to avoid detection by security software.
|
||||
|
||||
@ -45,4 +45,4 @@ Download [Microsoft Security Essentials](https://www.microsoft.com/download/deta
|
||||
|
||||
In case threat removal is unsuccessful, read about [troubleshooting malware detection and removal problems](https://www.microsoft.com/wdsi/help/troubleshooting-infection).
|
||||
|
||||
For more general tips, see [prevent malware infection](prevent-malware-infection.md).
|
||||
For more general tips, see [prevent malware infection](prevent-malware-infection.md).
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 10/11/2018
|
||||
|
||||
Describes the Account Lockout Policy settings and links to information about each policy setting.
|
||||
|
||||
Someone who attempts to use more than a few unsuccessful passwords while trying to log on to your system might be a malicious user who is attempting to determine an account password by trial and error. Windows domain controllers keep track of logon attempts, and domain controllers can be configured to respond to this type of potential attack by disabling the account for a preset period of time. Account Lockout Policy settings control the threshold for this response and the actions to be taken after the threshold is reached. The Account Lockout Policy settings can be configured in the following location in the Group Policy Management Console: **Computer Configuration\\Windows Settings\\Security Settings\\Account Policies\\Account Lockout Policy**.
|
||||
Someone who attempts to use more than a few unsuccessful passwords while trying to log on to your system might be a malicious user who is attempting to determine an account password by trial and error. Windows domain controllers keep track of logon attempts, and domain controllers can be configured to respond to this type of potential attack by disabling the account for a preset period of time. Account Lockout Policy settings control the threshold for this response and the actions to be taken after the threshold is reached. The Account Lockout Policy settings can be configured in the following location in the Group Policy Management Console: **Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Account Policies\\Account Lockout Policy**.
|
||||
|
||||
The following topics provide a discussion of each policy setting's implementation and best practices considerations, policy location, default values for the server type or Group Policy Object (GPO), relevant differences in operating system versions, and security considerations (including the possible vulnerabilities of each policy setting), countermeasures that you can implement, and the potential impact of implementing the countermeasures.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
This topic describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Windows Defender AV Assessment section in the Update Compliance add-in.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can perform various Windows Defender Antivirus functions with the dedicated command-line tool mpcmdrun.exe.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can manage and configure Windows Defender Antivirus with the following tools:
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 10/25/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
**Use Microsoft Intune to configure scanning options**
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Block at first sight is a feature of next gen protection that provides a way to detect and block new malware within seconds.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
When Windows Defender Antivirus finds a suspicious file, it can prevent the file from running while it queries the [Windows Defender Antivirus cloud service](utilize-microsoft-cloud-protection-windows-defender-antivirus.md).
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can configure how users of the endpoints on your network can interact with Windows Defender Antivirus.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can exclude certain files, folders, processes, and process-opened files from Windows Defender Antivirus scans.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can exclude certain files from Windows Defender Antivirus scans by modifying exclusion lists.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
By default, Windows Defender Antivirus settings that are deployed via a Group Policy Object to the endpoints in your network will prevent users from locally changing the settings. You can change this in some instances.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 10/08/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
To ensure Windows Defender Antivirus cloud-delivered protection works properly, you need to configure your network to allow connections between your endpoints and certain Microsoft servers.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
In Windows 10, application notifications about malware detection and remediation are more robust, consistent, and concise.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can exclude files that have been opened by specific processes from Windows Defender Antivirus scans.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus uses several methods to provide threat protection:
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Always-on protection consists of real-time protection, behavior monitoring, and heuristics to identify malware based on known suspicious and malicious activities.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus on Windows Server 2016 computers automatically enrolls you in certain exclusions, as defined by your specified server role. See [the end of this topic](#list-of-automatic-exclusions) for a list of these exclusions.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can configure Windows Defender Antivirus with a number of tools, including:
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Windows Defender Antivirus scans.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can deploy, manage, and report on Windows Defender Antivirus in a number of ways.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Depending on the management tool you are using, you may need to specifically enable or configure Windows Defender Antivirus protection.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
In addition to standard on-premises or hardware configurations, you can also use Windows Defender Antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 10/02/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
The potentially unwanted application (PUA) protection feature in Windows Defender Antivirus can identify and block PUAs from downloading and installing on endpoints in your network.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>[!NOTE]
|
||||
>The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional signature updates.
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Use this guide to determine how well Windows Defender Antivirus protects you from viruses, malware, and potentially unwanted applications.
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Limited periodic scanning is a special type of threat detection and remediation that can be enabled when you have installed another antivirus product on a Windows 10 device.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus allows you to determine if updates should (or should not) occur after certain events, such as at startup or after receiving specific reports from the cloud-delivered protection service.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus lets you define how long an endpoint can avoid an update or how many scans it can miss before it is required to update and scan itself. This is especially useful in environments where devices are not often connected to a corporate or external network, or devices that are not used on a daily basis.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus lets you determine when it should look for and download updates.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
<a id="protection-updates"></a>
|
||||
<!-- this has been used as anchor in VDI content -->
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
There are two types of updates related to keeping Windows Defender Antivirus up to date:
|
||||
1. Protection updates
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Mobile devices and VMs may require additional configuration to ensure performance is not impacted by updates.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can use Group Policy to prevent users on endpoints from seeing the Windows Defender Antivirus interface. You can also prevent them from pausing scans.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
There are a number of ways you can review protection status and alerts, depending on the management tool you are using for Windows Defender Antivirus.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
If Windows Defender Antivirus is configured to detect and remediate threats on your device, Windows Defender Antivirus quarantines suspicious files. If you are certain these files do not present a threat, you can restore them.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
After an Windows Defender Antivirus scan completes, whether it is an [on-demand](run-scan-windows-defender-antivirus.md) or [scheduled scan](scheduled-catch-up-scans-windows-defender-antivirus.md), the results are recorded and you can view the results.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can run an on-demand scan on individual endpoints. These scans will start immediately, and you can define parameters for the scan, such as the location or type.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
> [!NOTE]
|
||||
> By default, Windows Defender Antivirus checks for an update 15 minutes before the time of any scheduled scans. You can [Manage the schedule for when protection updates should be downloaded and applied](manage-protection-update-schedule-windows-defender-antivirus.md) to override this default.
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can specify the level of cloud-protection offered by Windows Defender Antivirus with Group Policy and System Center Configuration Manager.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of machines or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you may encounter problems or issues.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/11/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
If you encounter a problem with Windows Defender Antivirus, you can search the tables in this topic to find a matching issue and potential solution.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can use [Group Policy](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx) to configure and manage Windows Defender Antivirus on your endpoints.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
If you are using System Center Configuration Manager or Microsoft Intune to manage the endpoints on your network, you can also use them to manage Windows Defender Antivirus scans.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration, and you can read more about it at the [PowerShell hub on MSDN](https://msdn.microsoft.com/powershell/mt173057.aspx).
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Management Instrumentation (WMI) is a scripting interface that allows you to retrieve, modify, and update settings.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Microsoft next-gen technologies in Windows Defender Antivirus provide near-instant, automated protection against new and emerging threats. To dynamically identify new threats, these technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus is automatically enabled and installed on endpoints and devices that are running Windows 10.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Antivirus is available on Windows Server 2016. In some instances it is referred to as Endpoint Protection - however, the protection engine is the same.
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Offline is an antimalware scanning tool that lets you boot and run a scan from a trusted environment. The scan runs from outside the normal Windows kernel so it can target malware that attempts to bypass the Windows shell, such as viruses and rootkits that infect or overwrite the master boot record (MBR).
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/03/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Security.
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@ ms.date: 10/17/2017
|
||||
|
||||
# Configure Windows Defender Application Guard policy settings
|
||||
|
||||
**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain.
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@ ms.date: 11/07/2017
|
||||
|
||||
# Frequently asked questions - Windows Defender Application Guard
|
||||
|
||||
**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Answering frequently asked questions about Windows Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration.
|
||||
|
||||
|
||||
@ -14,7 +14,7 @@ ms.date: 10/19/2017
|
||||
# Prepare to install Windows Defender Application Guard
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
## Review system requirements
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@ ms.date: 11/09/2017
|
||||
|
||||
# System requirements for Windows Defender Application Guard
|
||||
|
||||
**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Windows Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive.
|
||||
|
||||
|
||||
@ -14,7 +14,7 @@ ms.date: 10/16/2018
|
||||
# Application Guard testing scenarios
|
||||
|
||||
|
||||
**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
We've come up with a list of scenarios that you can use to test hardware-based isolation in your organization.
|
||||
|
||||
@ -13,7 +13,7 @@ ms.date: 09/07/2018
|
||||
|
||||
# Windows Defender Application Guard overview
|
||||
|
||||
**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
Windows Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by rendering current attack methods obsolete.
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 09/28/2018
|
||||
# Configure advanced features in Windows Defender ATP
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 04/24/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 06/01/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 04/24/2018
|
||||
# View and organize the Windows Defender Advanced Threat Protection Alerts queue
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 10/16/2017
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 09/03/2018
|
||||
**Applies to:**
|
||||
- Azure Active Directory
|
||||
- Office 365
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 28/02/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/13/2018
|
||||
**Applies to:**
|
||||
|
||||
- Azure Active Directory
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-basicaccess-abovefoldlink)
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 12/08/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
[!include[Deprecated<65>information](deprecate.md)]
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 04/24/2018
|
||||
# Check sensor health state in Windows Defender ATP
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 12/08/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
[!include[Deprecated<65>information](deprecate.md)]
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 04/24/2018
|
||||
# Access the Windows Defender ATP Community Center
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 04/24/2018
|
||||
# Enable conditional access to better protect users, devices, and data
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 10/16/2017
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -16,7 +16,7 @@ ms.date: 09/03/2018
|
||||
|
||||
# Configure conditional access in Windows Defender ATP
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
This section guides you through all the steps you need to take to properly implement conditional access.
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 10/08/2018
|
||||
# Configure alert notifications in Windows Defender ATP
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-emailconfig-abovefoldlink)
|
||||
|
||||
@ -20,7 +20,7 @@ ms.date: 04/24/2018
|
||||
|
||||
- Group Policy
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 09/19/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsmdm-abovefoldlink)
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 10/03/2018
|
||||
|
||||
- macOS
|
||||
- Linux
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-nonwindows-abovefoldlink)
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 04/24/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
- System Center 2012 Configuration Manager or later versions
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 04/24/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 07/12/2018
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 09/03/2018
|
||||
# Configure managed security service provider integration
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-mssp-support-abovefoldlink)
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 09/12/2018
|
||||
# Configure machine proxy and Internet connectivity settings
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 11/02/2018
|
||||
- Windows Server 2016
|
||||
- Windows Server, version 1803
|
||||
- Windows Server, 2019
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
[!include[Prerelease information](prerelease.md)]
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 10/16/2017
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 10/16/2017
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ ms.date: 10/29/2018
|
||||
|
||||
# Create custom detections rules
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
|
||||
|
||||
|
||||
1. In the navigation pane, select **Advanced hunting**.
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user