mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-16 15:27:22 +00:00
Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into alhopper-mrmw-apps
pull from master
This commit is contained in:
Allison Hopper - Microsoft
commit
717149bd12
@ -42,7 +42,7 @@ In Log Analytics, go to **Settings > Connected sources > Windows telemetry** and
|
||||
|
||||
Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices with a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://blogs.technet.microsoft.com/upgradeanalytics/2017/05/12/wheres-my-data/) on the Windows Analytics blog.
|
||||
>[!NOTE]
|
||||
> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," please go to **Settings > Connected sources > Windows telemetry** and unsubscribe, wait a minute and then re-subscribe to Upgrade Readiness. This is a known issue and we are working on a fix.
|
||||
> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** and unsubscribe, wait a minute and then re-subscribe to Upgrade Readiness.
|
||||
|
||||
If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues:
|
||||
|
||||
@ -163,7 +163,7 @@ Also, on Windows 10 devices remember that IE site discovery requires data diagno
|
||||
Finally, Upgrade Readiness only collects IE site discovery data on devices that are not yet upgraded to the target operating system version specified in the Upgrade Readiness Overview blade. This is because Upgrade Readiness targets upgrade planning (for devices not yet upgraded).
|
||||
|
||||
### Device Names don't show up on Windows 10 devices
|
||||
Starting with the build currently available in the Windows Insider Program, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
|
||||
Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
|
||||
|
||||
### Disable Upgrade Readiness
|
||||
|
||||
|
||||
@ -44,7 +44,7 @@ To enable data sharing, configure your proxy sever to whitelist the following en
|
||||
|
||||
| **Endpoint** | **Function** |
|
||||
|---------------------------------------------------------|-----------|
|
||||
| `https://v10.events.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for use with the build of Windows 10 available in the Windows Insider Program|
|
||||
| `https://v10.events.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for use with Windows 10, version 1803|
|
||||
| `https://v10.vortex-win.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for Windows 10, version 1709 or earlier |
|
||||
| `https://vortex-win.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for operating systems older than Windows 10 |
|
||||
| `https://settings-win.data.microsoft.com` | Enables the compatibility update to send data to Microsoft.
|
||||
@ -137,7 +137,7 @@ These policies are under Microsoft\Windows\DataCollection:
|
||||
| CommercialId | In order for your devices to show up in Windows Analytics, they must be configured with your organization’s Commercial ID. |
|
||||
| AllowTelemetry (in Windows 10) | 1 (Basic), 2 (Enhanced) or 3 (Full) diagnostic data. Windows Analytics will work with basic diagnostic data, but more features are available when you use the Enhanced level (for example, Device Health requires Enhanced diagnostic data and Upgrade Readiness only collects app usage and site discovery data on Windows 10 devices with Enhanced diagnostic data). For more information, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization). |
|
||||
| LimitEnhancedDiagnosticDataWindowsAnalytics (in Windows 10) | Only applies when AllowTelemetry=2. Limits the Enhanced diagnostic data events sent to Microsoft to just those needed by Windows Analytics. For more information, see [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields).|
|
||||
| AllowDeviceNameInTelemetry (in Windows 10) | In the build currently available in the Windows Insider Program for Windows 10, a separate opt-in is required to enable devices to continue to send the device name. |
|
||||
| AllowDeviceNameInTelemetry (in Windows 10) | In Windows 10, version 1803, a separate opt-in is required to enable devices to continue to send the device name. |
|
||||
| CommercialDataOptIn (in Windows 7 and Windows 8) | 1 is required for Upgrade Readiness, which is the only solution that runs on Windows 7 or Windows 8. |
|
||||
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 09/12/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
|
||||
---
|
||||
|
||||
@ -40,7 +40,7 @@ To configure the Group Policy settings described in the following table:
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 02/08/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 02/08/2018
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -54,7 +54,7 @@ You can also [customize the message displayed on users' desktops](https://docs.m
|
||||
|
||||
When a Windows Defender Antivirus client encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend will apply heuristics, machine learning, and automated analysis of the file to determine the files as malicious or clean.
|
||||
|
||||
The Block at First Sight feature only uses the cloud protection backend for executable files that are downloaded from the Internet, or originating from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
|
||||
The Block at First Sight feature only uses the cloud protection backend for executable files and non-portable executable files (such as JS, VBS, or macros) that are downloaded from the Internet, or originating from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
|
||||
|
||||
|
||||
|
||||
@ -75,7 +75,7 @@ Block at First Sight requires a number of Group Policy settings to be configured
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > MAPS** and configure the following Group Policies:
|
||||
|
||||
@ -137,9 +137,7 @@ You may choose to disable the Block at First Sight feature if you want to retain
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree through **Windows components > Windows Defender Antivirus > MAPS**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Configure the cloud block timeout period
|
||||
@ -20,7 +20,7 @@ ms.date: 08/26/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -55,7 +55,7 @@ You can use Group Policy to specify an extended timeout for cloud checks.
|
||||
|
||||
2. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
3. Click **Policies** then **Administrative templates**.
|
||||
3. Click **Administrative templates**.
|
||||
|
||||
4. Expand the tree to **Windows components > Windows Defender Antivirus > MpEngine**
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 07/27/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/07/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Configure and validate exclusions based on file extension and folder location
|
||||
@ -99,7 +99,7 @@ You can [configure how locally and globally defined exclusions lists are merged]
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
|
||||
|
||||
|
||||
@ -9,16 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/31/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Configure the notifications that appear on endpoints
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -63,7 +63,7 @@ You can configure the display of additional notifications, such as recent threat
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Reporting**.
|
||||
|
||||
@ -90,7 +90,7 @@ See the [Customize the Windows Defender Security Center app for your organizatio
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
|
||||
|
||||
@ -102,7 +102,7 @@ See the [Customize the Windows Defender Security Center app for your organizatio
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 07/27/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Configure exclusions for files opened by processes
|
||||
@ -73,7 +73,7 @@ You can [configure how locally and globally defined exclusions lists are merged]
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -89,7 +89,7 @@ The main real-time protection capability is enabled by default, but you can disa
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Real-time protection**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -49,7 +49,7 @@ To configure these settings:
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 07/27/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Configure exclusions in Windows Defender AV on Windows Server
|
||||
@ -63,7 +63,7 @@ You can disable the auto-exclusions lists with Group Policy, PowerShell cmdlets,
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Deploy, manage, and report on Windows Defender Antivirus
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Deploy and enable Windows Defender Antivirus
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: detect
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 11/20/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Enable cloud-delivered protection in Windows Defender AV
|
||||
@ -57,7 +57,7 @@ There are specific network-connectivity requirements to ensure your endpoints ca
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > MAPS**
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Evaluate Windows Defender Antivirus protection
|
||||
@ -19,7 +19,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 10/16/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage event-based forced updates
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage updates and scans for endpoints that are out of date
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage the schedule for when protection updates should be downloaded and applied
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage the sources for Windows Defender Antivirus protection updates
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage Windows Defender Antivirus updates and apply baselines
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage updates for mobile devices and virtual machines (VMs)
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Prevent users from seeing or interacting with the Windows Defender AV user interface
|
||||
@ -56,7 +56,7 @@ In earlier versions of Windows 10, the setting will hide the Windows Defender cl
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
|
||||
|
||||
@ -76,7 +76,7 @@ You can prevent users from pausing scans. This can be helpful to ensure schedule
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Scan**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Report on Windows Defender Antivirus protection
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/30/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -51,7 +51,7 @@ To configure the Group Policy settings described in this topic:
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Specify the cloud-delivered protection level
|
||||
@ -20,7 +20,7 @@ ms.date: 08/26/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -44,7 +44,7 @@ You can specify the level of cloud-protection offered by Windows Defender Antivi
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > MpEngine**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 09/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Troubleshoot Windows Defender Antivirus reporting in Update Compliance
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/16/2018
|
||||
---
|
||||
|
||||
# Review event logs and error codes to troubleshoot issues with Windows Defender AV
|
||||
@ -1377,6 +1377,60 @@ User action:
|
||||
No action is necessary. The Windows Defender Antivirus client is in a healthy state. This event is reported on an hourly basis.
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<th colspan="2">Event ID: 1151</th>
|
||||
</tr>
|
||||
<tr><td>
|
||||
Symbolic name:
|
||||
</td>
|
||||
<td >
|
||||
<b>MALWAREPROTECTION_SERVICE_HEALTH_REPORT</b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Message:
|
||||
</td>
|
||||
<td >
|
||||
<b>Endpoint Protection client health report (time in UTC)
|
||||
</b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Description:
|
||||
</td>
|
||||
<td >
|
||||
Windows Defender client health report.
|
||||
<dl>
|
||||
<dt>Platform Version: <Current platform version></dt>
|
||||
<dt>Engine Version: <Antimalware Engine version></dt>
|
||||
<dt>Network Realtime Inspection engine version: <Network Realtime Inspection engine version></dt>
|
||||
<dt>Antivirus signature version: <Antivirus signature version></dt>
|
||||
<dt>Antispyware signature version: <Antispyware signature version></dt>
|
||||
<dt>Network Realtime Inspection signature version: <Network Realtime Inspection signature version></dt>
|
||||
<dt>RTP state: <Realtime protection state> (Enabled or Disabled)</dt>
|
||||
<dt>OA state: <On Access state> (Enabled or Disabled)</dt>
|
||||
<dt>IOAV state: <IE Downloads and Outlook Express Attachments state> (Enabled or Disabled)</dt>
|
||||
<dt>BM state: <Behavior Monitoring state> (Enabled or Disabled)</dt>
|
||||
<dt>Antivirus signature age: <Antivirus signature age> (in days)</dt>
|
||||
<dt>Antispyware signature age: <Antispyware signature age> (in days)</dt>
|
||||
<dt>Last quick scan age: <Last quick scan age> (in days)</dt>
|
||||
<dt>Last full scan age: <Last full scan age> (in days)</dt>
|
||||
<dt>Antivirus signature creation time: ?<Antivirus signature creation time></dt>
|
||||
<dt>Antispyware signature creation time: ?<Antispyware signature creation time></dt>
|
||||
<dt>Last quick scan start time: ?<Last quick scan start time></dt>
|
||||
<dt>Last quick scan end time: ?<Last quick scan end time></dt>
|
||||
<dt>Last quick scan source: <Last quick scan source> (1 = scheduled, 2 = on demand)</dt>
|
||||
<dt>Last full scan start time: ?<Last full scan start time></dt>
|
||||
<dt>Last full scan end time: ?<Last full scan end time></dt>
|
||||
<dt>Last full scan source: <Last full scan source> (1 = scheduled, 2 = on demand)</dt>
|
||||
<dt>Product status: For internal troubleshooting
|
||||
</dl>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<th colspan="2">Event ID: 2000</th>
|
||||
</tr>
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Use Group Policy settings to configure and manage Windows Defender AV
|
||||
@ -28,7 +28,7 @@ In general, you can use the following procedure to configure or change Windows D
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus**.
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 12/12/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 08/26/2017
|
||||
---
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 08/26/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Run and review the results of a Windows Defender Offline scan
|
||||
@ -19,7 +19,7 @@ ms.date: 08/26/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1607
|
||||
- Windows 10, version 1607 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
|
||||
@ -9,20 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/02/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Windows Defender Antivirus in the Windows Defender Security Center app
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -33,12 +29,12 @@ ms.date: 10/02/2017
|
||||
- Windows Defender Security Center app
|
||||
|
||||
|
||||
In Windows 10, version 1703 (also known as the Creators Update), the Windows Defender app is now part of the Windows Defender Security Center.
|
||||
In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Defender Security Center.
|
||||
|
||||
Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed by default as part of Windows 10, version 1703.
|
||||
|
||||
> [!IMPORTANT]
|
||||
> Disabling the Windows Security Center service will not disable Windows Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/en-us/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These will be disabled automatically when a third-party antivirus or firewall product is installed and kept up to date.
|
||||
> Disabling the Windows Security Center service will not disable Windows Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/en-us/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date.
|
||||
|
||||
> [!WARNING]
|
||||
> If you do disable the Windows Security Center service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Defender Security Center may display stale or inaccurate information about any antivirus or firewall products you have installed on the device.
|
||||
@ -49,7 +45,7 @@ Settings that were previously part of the Windows Defender client and main Windo
|
||||
See the [Windows Defender Security Center topic](/windows/threat-protection/windows-defender-security-center/windows-defender-security-center) for more information on other Windows security features that can be monitored in the app.
|
||||
|
||||
>[!NOTE]
|
||||
>The Windows Defender Security Center app is a client interface on Windows 10, version 1703. It is not the Windows Defender Security Center web portal that is used to review and manage [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md).
|
||||
>The Windows Defender Security Center app is a client interface on Windows 10, version 1703 and later. It is not the Windows Defender Security Center web portal that is used to review and manage [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md).
|
||||
|
||||
**Review virus and threat protection settings in the Windows Defender Security Center app:**
|
||||
|
||||
@ -69,13 +65,13 @@ The following diagrams compare the location of settings and functions between th
|
||||
|
||||
|
||||
|
||||
Item | Windows 10, before version 1703 | Windows 10, version 1703 | Description
|
||||
Item | Windows 10, before version 1703 | Windows 10, version 1703 and later | Description
|
||||
---|---|---|---
|
||||
1 | **Update** tab | **Protection updates** | Update the protection ("definition updates")
|
||||
2 | **History** tab | **Scan history** | Review threats that were quarantined, removed, or allowed
|
||||
3 | **Settings** (links to **Windows Settings**) | **Virus & threat protection settings** | Enable various features, including Real-time protection, Cloud-delivered protection, Advanced notifications, and Automatic ample submission
|
||||
4 | **Scan options** | **Advanced scan** | Run a full scan, custom scan, or a Windows Defender Offline scan
|
||||
5 | Run a scan (based on the option chosen under **Scan options** | **Quick scan** | In Windows 10, version 1703 you can run custom and full scans under the **Advanced scan** option
|
||||
5 | Run a scan (based on the option chosen under **Scan options** | **Quick scan** | In Windows 10, version 1703 and later, you can run custom and full scans under the **Advanced scan** option
|
||||
|
||||
|
||||
## Common tasks
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/01/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 04/01/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709 (and later)
|
||||
- Windows 10, version 1709 and later
|
||||
- Microsoft Office 365
|
||||
- Microsoft Office 2016
|
||||
- Microsoft Office 2013
|
||||
@ -65,6 +65,14 @@ You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evalua
|
||||
|
||||
## Attack surface reduction rules
|
||||
|
||||
Windows 10, version 1803 has five new Attack surface reduction rules:
|
||||
|
||||
- Block executable files from running unless they meet a prevalence, age, or trusted list criteria
|
||||
- Use advanced protection against ransomware
|
||||
- Block credential stealing from the Windows local security authority subsystem (lsass.exe)
|
||||
- Block process creations originating from PSExec and WMI commands
|
||||
- Block untrusted and unsigned processes that run from USB
|
||||
|
||||
The following sections describe what each rule does. Each rule is identified by a rule GUID, as in the following table:
|
||||
|
||||
Rule name | GUID
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 12/12/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,16 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Collect diagnostic data for Windows Defender Exploit Guard file submissions
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/18/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 10/18/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -82,9 +82,7 @@ You can use the Windows Defender Security Center app or Group Policy to add and
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled folder access**.
|
||||
|
||||
|
||||
@ -9,16 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Customize Exploit protection
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 12/12/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
- Enhanced Mitigation Experience Toolkit version 5.5 (latest version)
|
||||
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 12/12/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -100,6 +100,8 @@ Event ID | Description
|
||||
5007 | Event when settings are changed
|
||||
1124 | Audited Controlled folder access event
|
||||
1123 | Blocked Controlled folder access event
|
||||
1127 | Blocked Controlled folder access sector write block event
|
||||
1128 | Audited Controlled folder access sector write block event
|
||||
|
||||
|
||||
## Use audit mode to measure impact
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -8,11 +8,11 @@ ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.date: 12/12/2017
|
||||
ms.date: 04/16/2018
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.author: iawilt
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -190,6 +190,8 @@ Network protection | Windows Defender (Operational) | 1126 | Event when Network
|
||||
Controlled folder access | Windows Defender (Operational) | 5007 | Event when settings are changed
|
||||
Controlled folder access | Windows Defender (Operational) | 1124 | Audited Controlled folder access event
|
||||
Controlled folder access | Windows Defender (Operational) | 1123 | Blocked Controlled folder access event
|
||||
Controlled folder access | Windows Defender (Operational) | 1127 | Blocked Controlled folder access sector write block event
|
||||
Controlled folder access | Windows Defender (Operational) | 1128 | Audited Controlled folder access sector write block event
|
||||
Attack surface reduction | Windows Defender (Operational) | 5007 | Event when settings are changed
|
||||
Attack surface reduction | Windows Defender (Operational) | 1122 | Event when rule fires in Audit-mode
|
||||
Attack surface reduction | Windows Defender (Operational) | 1121 | Event when rule fires in Block-mode
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 12/12/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 20 KiB After Width: | Height: | Size: 16 KiB |
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/30/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 11/30/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -166,7 +166,7 @@ You can use Group Policy to deploy the configuration you've created to multiple
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
4. Click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Exploit Guard > Exploit protection**.
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 01/31/18
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 01/31/18
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 39 KiB After Width: | Height: | Size: 208 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 78 KiB |
@ -0,0 +1,58 @@
|
||||
---
|
||||
title: Account protection in the Windows Defender Security Center app
|
||||
description: Use the Account protection section to manage security for your account and sign in to Microsoft.
|
||||
keywords: account protection, wdav, smartscreen, antivirus, wdsc, exploit, protection, hide
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.pagetype: security
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
# Account protection
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10, version 1803 and later
|
||||
|
||||
|
||||
The **Account protection** section contains information and settings for account protection and sign in. IT administrators and IT pros can get more information and documentation about configuration from the following:
|
||||
|
||||
- [Microsoft Account](https://account.microsoft.com/account/faq)
|
||||
- [Windows Hello for Business](https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-identity-verification)
|
||||
- [Lock your Windows 10 PC automatically when you step away from it](https://support.microsoft.com/en-us/help/4028111/windows-lock-your-windows-10-pc-automatically-when-you-step-away-from)
|
||||
|
||||
You can also choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
|
||||
|
||||
## Hide the Account protection section
|
||||
|
||||
You can choose to hide the entire section by using Group Policy. The section will not appear on the home page of the Windows Defender Security Center app, and its icon will not be shown on the navigiation bar on the side of the app.
|
||||
|
||||
This can only be done in Group Policy.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1803 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Account protection**.
|
||||
|
||||
6. Open the **Hide the Account protection area** setting and set it to **Enabled**. Click **OK**.
|
||||
|
||||
7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx).
|
||||
|
||||
>[!NOTE]
|
||||
>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
|
||||
>
|
||||
>
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -24,7 +24,7 @@ ms.date: 10/16/2017
|
||||
|
||||
The **App and browser control** section contains information and settings for Windows Defender SmartScreen. IT administrators and IT pros can get configuration guidance from the [Windows Defender SmartScreen documentation library](https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview).
|
||||
|
||||
In Windows 10, version 1709, the section also provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy. IT administrators can get more information at the [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) topic in the Windows Defender Exploit Guard library.
|
||||
In Windows 10, version 1709 and later, the section also provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy. IT administrators can get more information at the [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) topic in the Windows Defender Exploit Guard library.
|
||||
|
||||
You can also choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
|
||||
@ -38,13 +38,11 @@ You can only prevent users from modifying Exploit protection settings by using G
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > App and browser protection**.
|
||||
|
||||
@ -65,9 +63,7 @@ This can only be done in Group Policy.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > App and browser protection**.
|
||||
|
||||
|
||||
@ -9,16 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Customize the Windows Defender Security Center app for your organization
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -44,7 +44,7 @@ Users can click on the displayed information to initiate a support request:
|
||||
|
||||
## Requirements
|
||||
|
||||
You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
## Use Group Policy to enable and customize contact information
|
||||
|
||||
@ -54,9 +54,7 @@ This can only be done in Group Policy.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Enterprise Customization**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -27,7 +27,7 @@ The **Device performance & health** section contains information about hardware,
|
||||
The [Windows 10 IT pro troubleshooting topic](https://docs.microsoft.com/en-us/windows/client-management/windows-10-support-solutions), and the main [Windows 10 documentation library](https://docs.microsoft.com/en-us/windows/windows-10/) can also be helpful for resolving issues.
|
||||
|
||||
|
||||
In Windows 10, version 1709, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
In Windows 10, version 1709 and later, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
|
||||
|
||||
## Hide the Device performance & health section
|
||||
@ -43,9 +43,7 @@ This can only be done in Group Policy.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Device performance and health**.
|
||||
|
||||
|
||||
@ -0,0 +1,54 @@
|
||||
---
|
||||
title: Device security in the Windows Defender Security Center app
|
||||
description: Use the Device security section to manage security built into your device, including virtualization-based security.
|
||||
keywords: device security, device guard, wdav, smartscreen, antivirus, wdsc, exploit, protection, hide
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.pagetype: security
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
# Device security
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10, version 1803 and later
|
||||
|
||||
|
||||
The **Device security** section contains information and settings for built-in device security.
|
||||
|
||||
You can choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
|
||||
|
||||
## Hide the Device security section
|
||||
|
||||
You can choose to hide the entire section by using Group Policy. The section will not appear on the home page of the Windows Defender Security Center app, and its icon will not be shown on the navigiation bar on the side of the app.
|
||||
|
||||
This can only be done in Group Policy.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1803 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Device security**.
|
||||
|
||||
6. Open the **Hide the Device security area** setting and set it to **Enabled**. Click **OK**.
|
||||
|
||||
7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx).
|
||||
|
||||
>[!NOTE]
|
||||
>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
|
||||
>
|
||||
>
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -38,13 +38,11 @@ This can only be done in Group Policy.
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Family options**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -24,7 +24,7 @@ ms.date: 10/16/2017
|
||||
|
||||
The **Firewall & network protection** section contains information about the firewalls and network connections used by the machine, including the status of Windows Defender Firewall and any other third-party firewalls. IT administrators and IT pros can get configuration guidance from the [Windows Defender Firewall with Advanced Security documentation library](https://docs.microsoft.com/en-us/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security).
|
||||
|
||||
In Windows 10, version 1709, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
In Windows 10, version 1709 and later, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
|
||||
|
||||
## Hide the Firewall & network protection section
|
||||
@ -36,13 +36,11 @@ This can only be done in Group Policy.
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Firewall and network protection**.
|
||||
|
||||
|
||||
@ -9,16 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Hide Windows Defender Security Center app notifications
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -52,13 +52,11 @@ This can only be done in Group Policy.
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Notifications**.
|
||||
|
||||
@ -76,13 +74,11 @@ This can only be done in Group Policy.
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Notifications**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -22,14 +22,16 @@ ms.date: 10/16/2017
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
|
||||
The **Virus & threat protection** section contains information and settings for antivirus protection from Windows Defender Antivirus and third-party AV products. IT administrators and IT pros can get more information and documentation about configuration from the following:
|
||||
The **Virus & threat protection** section contains information and settings for antivirus protection from Windows Defender Antivirus and third-party AV products. In Windows 10, version 1803 and later, this section also contains information and settings for ransomware protection and recovery, including Controlled folder access settings and sign in to Microsoft OneDrive. IT administrators and IT pros can get more information and documentation about configuration from the following:
|
||||
|
||||
- [Windows Defender Antivirus in the Windows Defender Security Center app](../windows-defender-antivirus/windows-defender-security-center-antivirus.md)
|
||||
- [Windows Defender Antivirus documentation library](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
|
||||
- [Protect important folders with Controlled folder access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)
|
||||
- [Defend yourself from cybercrime with new Office 365 capabilities](https://blogs.office.com/en-us/2018/04/05/defend-yourself-from-cybercrime-with-new-office-365-capabilities/)
|
||||
- [Office 365 advanced protection](https://support.office.com/en-us/article/office-365-advanced-protection-82e72640-39be-4dc7-8efd-740fb289123a)
|
||||
- [Ransomware detection and recovering your files](https://support.office.com/en-us/article/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f?ui=en-US&rs=en-US&ad=US)
|
||||
|
||||
In Windows 10, version 1709, the section also provides configuration options for Controlled folder access. IT administrators can get more information at the [Controlled folder access](../windows-defender-exploit-guard/controlled-folders-exploit-guard.md) topic in the Windows Defender Exploit Guard library.
|
||||
|
||||
You can also choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
You can choose to hide the **Virus & threat protection** section or the **Ransomware protection** area from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
|
||||
|
||||
|
||||
## Hide the Virus & threat protection section
|
||||
@ -41,13 +43,11 @@ This can only be done in Group Policy.
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Virus and threat protection**.
|
||||
|
||||
@ -58,4 +58,25 @@ This can only be done in Group Policy.
|
||||
>[!NOTE]
|
||||
>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
|
||||
>
|
||||
>
|
||||
>
|
||||
|
||||
## Hide the Ransomware protection area
|
||||
|
||||
You can choose to hide the **Ransomware protection** area by using Group Policy. The area will not appear on the **Virus & threat protection** section of the Windows Defender Security Center app.
|
||||
|
||||
This can only be done in Group Policy.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Security Center > Virus and threat protection**.
|
||||
|
||||
6. Open the **Hide the Ransomware data recovery area** setting and set it to **Enabled**. Click **OK**.
|
||||
|
||||
7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx).
|
||||
|
||||
@ -0,0 +1,44 @@
|
||||
---
|
||||
title: Manage Windows Defender Security Center in Windows 10 in S mode
|
||||
description: Windows Defender Security Center settings are different in Windows 10 in S mode
|
||||
keywords: windows 10 in s mode, windows 10 s, windows 10 s mode, wdav, smartscreen, antivirus, wdsc, firewall, device health, performance, Edge, browser, family, parental options, security, windows
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.pagetype: security
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Manage Windows Defender Security Center in Windows 10 in S mode
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10 in S mode, version 1803
|
||||
|
||||
**Audience**
|
||||
|
||||
- Enterprise security administrators
|
||||
|
||||
**Manageability available with**
|
||||
|
||||
- Microsoft Intune
|
||||
|
||||
Windows 10 in S mode is streamlined for tighter security and superior performance. With Windows 10 in S mode, users can only use apps from the Microsoft Store, ensuring Microsoft-verified security so you can minimize malware attacks. In addition, using Microsoft Edge provides a more secure browser experience, with extra protections against phishing and malicious software.
|
||||
|
||||
The Windows Defender Security Center interface is a little different in Windows 10 in S mode. The **Virus & threat protection** area has fewer options, because the built-in security of Windows 10 in S mode prevents viruses and other threats from running on devices in your organization. In addition, devices running Windows 10 in S mode receive security updates automatically.
|
||||
|
||||
|
||||
|
||||
For more information about Windows 10 in S mode, including how to switch out of S mode, see Windows 10 Pro in S mode.
|
||||
|
||||
##Managing Windows Defender Security Center settings with Intune
|
||||
|
||||
In the enterprise, you can only manage security settings for devices running Windows 10 in S mode with Microsoft Intune or other mobile device management apps. Windows 10 in S mode prevents making changes via PowerShell scripts.
|
||||
|
||||
For information about using Intune to manage Windows Defender Security Center settings on your organization's devices, see [Set up Intune](https://docs.microsoft.com/en-us/intune/setup-steps) and [Endpoint protection settings for Windows 10 (and later) in Intune](https://docs.microsoft.com/en-us/intune/endpoint-protection-windows-10).
|
||||
|
||||
@ -27,7 +27,9 @@ ms.date: 04/11/2018
|
||||
|
||||
|
||||
|
||||
In Windows 10, version 1703 we introduced the new Windows Defender Security Center app, which brings together common Windows security features into one app. Many settings that were previously part of the individual features and main Windows Settings have been combined and moved to the new app, which is installed out-of-the-box as part of Windows 10, version 1703.
|
||||
In Windows 10, version 1709 and later, the app also shows information from third-party antivirus and firewall apps.
|
||||
|
||||
In Windows 10, version 1803, the app has two new areas, **Account protection** and **Device security**.
|
||||
|
||||
|
||||
|
||||
@ -54,11 +56,13 @@ You can't uninstall the Windows Defender Security Center app, but you can do one
|
||||
You can find more information about each section, including options for configuring the sections - such as hiding each of the sections - at the following topics:
|
||||
|
||||
|
||||
- [Virus & threat protection](wdsc-virus-threat-protection.md), which has information and access to antivirus settings and the Controlled folder access feature of Windows Defender Exploit Guard
|
||||
- [Device performance & health](wdsc-device-performance-health.md), which has information about drivers, storage space, and general Windows Update issues
|
||||
- [Firewall & network protection](wdsc-firewall-network-protection.md), which has information and access to firewall settings, including Windows Defender Firewall
|
||||
- [App & browser control](wdsc-app-browser-control.md), covering Windows Defender SmartScreen settings and Exploit protection mitigations
|
||||
- [Family options](wdsc-family-options.md), which includes access to parental controls along with tips and information for keeping kids safe online
|
||||
- [Virus & threat protection](wdsc-virus-threat-protection.md), which has information and access to antivirus ransomware protection settings and notifications, including the Controlled folder access feature of Windows Defender Exploit Guard and sign-in to Microsoft OneDrive.
|
||||
- [Account protection](wdsc-account-protection.md), which has information and access to sign-in and account protection settings.
|
||||
- [Firewall & network protection](wdsc-firewall-network-protection.md), which has information and access to firewall settings, including Windows Defender Firewall.
|
||||
- [App & browser control](wdsc-app-browser-control.md), covering Windows Defender SmartScreen settings and Exploit protection mitigations.
|
||||
- [Device security](wdsc-device-security.md), which provides access to built-in device security settings.
|
||||
- [Device performance & health](wdsc-device-performance-health.md), which has information about drivers, storage space, and general Windows Update issues.
|
||||
- [Family options](wdsc-family-options.md), which includes access to parental controls along with tips and information for keeping kids safe online.
|
||||
|
||||
|
||||
>[!NOTE]
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user