deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-16 07:17:24 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update symantec-to-microsoft-defender-atp-part2.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2020-06-11 16:39:44 -07:00
parent b83b64fbca
commit 1ffbd9156b
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-part2.md
View File

@ -27,8 +27,6 @@ ms.topic: article
## Set Microsoft Defender ATP to passive mode
*This is from the Word doc - needs revision and clarification*
*QUESTION: How/why are we changing registry keys when we haven't onboarded these devices yet? Am I missing something?*
This procedure applies to devices running any of the following versions of Windows:
@ -47,13 +45,18 @@ For those versions of Windows, you should set the registry key for Microsoft Def
- Under **Base**, select **Hexidecimal**.
> [!NOTE]
> You can use [Group Policy Preference](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn581922(v=ws.11)), [Local Group Policy Object tool](https://docs.microsoft.com/windows/security/threat-protection/security-compliance-toolkit-10#what-is-the-local-group-policy-object-lgpo-tool), or a [package in Configuration Manager](https://docs.microsoft.com/mem/configmgr/apps/deploy-use/packages-and-programs) to perform this task.
> You can use other methods to perform this task:
>- [Group Policy Preference](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn581922(v=ws.11))
>- [Local Group Policy Object tool](https://docs.microsoft.com/windows/security/threat-protection/security-compliance-toolkit-10#what-is-the-local-group-policy-object-lgpo-tool)
>- [A package in Configuration Manager](https://docs.microsoft.com/mem/configmgr/apps/deploy-use/packages-and-programs)
## Re-enable Microsoft Defender Antivirus
*This is from the Word doc - needs revision and clarification*
If your organization is using a third-party antivirus solution (such as Symantec), Microsoft Defender Antivirus (Microsoft Defender AV) is most likely disabled. Microsoft Defender AV
Many IT Architects/IT Administrators/Security Architects/Security Administrators might have disabled the “Windows Defender” service back in the Windows 7 SP1/Windows Server 2008 R2 SP1 days, when it was just an Antispyware or if you have a 3rd party AV.
Review in AGPM or GPMC to see if the following policy is set:
@ -75,6 +78,7 @@ Future item: Add a CMPivot query that provides the results of the entry
Reference(s):
Use Group Policy settings to configure and manage Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus
Turn on Windows Defender to access company resources
https://docs.microsoft.com/en-us/intune-user-help/turn-on-defender-windows