deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update windows-defender-antivirus-compatibility.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2020-03-18 17:04:44 -07:00
parent 120f74b53e
commit b6cfdb7b75
1 changed files with 11 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
View File

@ -62,22 +62,18 @@ See [Windows Defender Antivirus on Windows Server 2016 and 2019](windows-defende
The following table summarizes the functionality and features that are available in each state:
|State | [Real-time protection](configure-real-time-protection-windows-defender-antivirus.md) and [cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | [Limited periodic scanning availability](limited-periodic-scanning-windows-defender-antivirus.md) | [File scanning and detection information](customize-run-review-remediate-scans-windows-defender-antivirus.md) | [Threat remediation](configure-remediation-windows-defender-antivirus.md) | [Security intelligence updates](manage-updates-baselines-windows-defender-antivirus.md) |
|-----|---|---|---|---|---|
|Active mode <br/> Windows Defender Antivirus is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files are scanned and threats remediated, and detection information are reported in your configuration tool (such as Configuration Manager or the Windows Defender Antivirus app on the machine itself). | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] |
|Passive mode <br/> Windows Defender Antivirus is not used as the antivirus app, and threats are not remediated by Windows Defender Antivirus. Files are scanned and reports are provided for threat detections which are shared with the Microsoft Defender ATP service. | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] |
|Shadow protection enabled <br/> Windows Defender Antivirus is not used as the primary antivirus solution, but can detect and remediate malicious items |[!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] |
|Automatic disabled mode | Windows Defender Antivirus is not used as the antivirus app. Files are not scanned and threats are not remediated. | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)] |
|State |Real-time protection and cloud-delivered protection | Limited periodic scanning availability | File scanning and detection information | Threat remediation | Security intelligence updates |
|State |[Real-time protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus) and [cloud-delivered protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus) | [Limited periodic scanning availability](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus) | [File scanning and detection information](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus) | [Threat remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus) | [Security intelligence updates](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus) |
|--|--|--|--|--|--|
|Active mode <br/><br/> Windows Defender Antivirus is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files are scanned and threats remediated, and detection information are reported in your configuration tool (such as Configuration Manager or the Windows Defender Antivirus app on the machine itself). |![yes](images/svg/check-yes.svg) |![no](images/svg/check-no.svg) |![yes](images/svg/check-yes.svg) |![yes](images/svg/check-yes.svg) |![yes](images/svg/check-yes.svg) |
|Passive mode <br/><br/> Windows Defender Antivirus is not used as the antivirus app, and threats are not remediated by Windows Defender Antivirus. Files are scanned and reports are provided for threat detections which are shared with the Microsoft Defender ATP service. |![no](images/svg/check-no.svg) |![no](images/svg/check-no.svg) | |![no](images/svg/check-no.svg) | |
| | | | | | |
| | | | | | |
|Active mode <br/><br/> |![yes](images/svg/check-yes.svg) |![no](images/svg/check-no.svg) |![yes](images/svg/check-yes.svg) |![yes](images/svg/check-yes.svg) |![yes](images/svg/check-yes.svg) |
|Passive mode |![no](images/svg/check-no.svg) |![no](images/svg/check-no.svg) |![yes](images/svg/check-yes.svg) |![no](images/svg/check-no.svg) |![yes](images/svg/check-yes.svg) |
|Shadow protection enabled |![no](images/svg/check-no.svg) |![no](images/svg/check-no.svg) |![yes](images/svg/check-yes.svg) |![yes](images/svg/check-yes.svg) |![yes](images/svg/check-yes.svg) |
|Automatic disabled mode |![no](images/svg/check-no.svg) |![yes](images/svg/check-yes.svg) |![no](images/svg/check-no.svg) |![no](images/svg/check-no.svg) |![no](images/svg/check-no.svg) |
- In Active mode, Windows Defender Antivirus is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files are scanned and threats remediated, and detection information are reported in your configuration tool (such as Configuration Manager or the Windows Defender Antivirus app on the machine itself).
- In Passive mode, Windows Defender Antivirus is not used as the antivirus app, and threats are not remediated by Windows Defender Antivirus. Files are scanned and reports are provided for threat detections which are shared with the Microsoft Defender ATP service.
- When shadow protection is turned on, Windows Defender Antivirus is not used as the primary antivirus solution, but can still detect and remediate malicious items.
- Windows Defender Antivirus is not used as the antivirus app. Files are not scanned and threats are not remediated.
If you are enrolled in Microsoft Defender ATP and you are using a third party antimalware product then passive mode is enabled because [the service requires common information sharing from the Windows Defender Antivirus service](../microsoft-defender-atp/defender-compatibility.md) in order to properly monitor your devices and network for intrusion attempts and attacks.