From db55979f104564ef95b43c358191d452804438fb Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Sun, 19 Mar 2017 22:57:56 -0700 Subject: [PATCH] management tidy and wdsc --- ...ased-updates-windows-defender-antivirus.md | 2 +- ...ed-endpoints-windows-defender-antivirus.md | 4 +- ...ate-schedule-windows-defender-antivirus.md | 4 +- ...-devices-vms-windows-defender-antivirus.md | 34 ++++--- ...dows-defender-security-center-antivirus.md | 90 +++++++++++++++++++ 5 files changed, 119 insertions(+), 15 deletions(-) create mode 100644 windows/keep-secure/WDAV-working/windows-defender-security-center-antivirus.md diff --git a/windows/keep-secure/WDAV-working/manage-event-based-updates-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/manage-event-based-updates-windows-defender-antivirus.md index cb7076e787..6cfbaa35f1 100644 --- a/windows/keep-secure/WDAV-working/manage-event-based-updates-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/manage-event-based-updates-windows-defender-antivirus.md @@ -31,7 +31,7 @@ author: iaanw Windows Defender AV allows to determine if updates should (or should not) occur after certain events, such as at startup or after receiving specific reports from the cloud-delivered protection service. -- Initiate definition update on startip +- Initiate definition update on startup (PS/WMI) - Check for the latest virus and spyware definitions on startup - Allow notifications to disable definitions based reports to MAPS - Allow real-time definition updates based on reports to MAPS diff --git a/windows/keep-secure/WDAV-working/manage-outdated-endpoints-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/manage-outdated-endpoints-windows-defender-antivirus.md index 629f3145f4..dce901e6c8 100644 --- a/windows/keep-secure/WDAV-working/manage-outdated-endpoints-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/manage-outdated-endpoints-windows-defender-antivirus.md @@ -34,8 +34,8 @@ Windows Defender AV lets you define how long an endpoint can avoid an update bef You can manage the following options with Group Policy, System Center Configuration Manager, Powershell cmdlets, and WMI classes: -- Define the number of days before an endpoint has outdated protection -- Define the number of days after which a catch-up update must occur +- Define the number of days before an endpoint has outdated protection (PS WMI) +- Define the number of days after which a catch-up update must occur (PS WMI) diff --git a/windows/keep-secure/WDAV-working/manage-protection-update-schedule-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/manage-protection-update-schedule-windows-defender-antivirus.md index 0eb237c1ec..3d321abdff 100644 --- a/windows/keep-secure/WDAV-working/manage-protection-update-schedule-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/manage-protection-update-schedule-windows-defender-antivirus.md @@ -31,9 +31,9 @@ author: iaanw Windows Defender AV lets you determine when it should look for and download updates. -You can schedule updates for your endpoints by: +You can schedule updates for your endpoints by: (WMI PS) SCCM? -- Specifying the day of the week to check for definition updates +- Specifying the day of the week to check for definition updates (WMI PS) - Specifying the interval to check for definition updates - Specifying the time to check for definition updates diff --git a/windows/keep-secure/WDAV-working/manage-updates-mobile-devices-vms-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/manage-updates-mobile-devices-vms-windows-defender-antivirus.md index a93879499c..ef9e279657 100644 --- a/windows/keep-secure/WDAV-working/manage-updates-mobile-devices-vms-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/manage-updates-mobile-devices-vms-windows-defender-antivirus.md @@ -24,27 +24,27 @@ author: iaanw **Manageability available with** - Group Policy -- System Center Configuration Manager -- PowerShell cmdlets -- Windows Management Instruction (WMI) + Mobile devices and VMs may require additional configuration to ensure performance is not impacted by updates. -There are a number of settings that are particularly useful for these devices: +There are two settings that are particularly useful for these devices: - Opt-in to Microsoft Update on mobile computers without a WSUS connection -- Allow definition updates when running on battery power +- Prevent definition updates when running on battery power -Also see the [Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md). +The following topics may also be useful in this situations: +- [Configuring scheduled and catch-up scans](scheduled-catch-up-scans-windows-defender-antivirus.md) +- [Manage updates for endpoints that are out of date](manage-outdated-endpoints-windows-defender-antivirus.md) +- [Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md) - -### Opt-in to Microsoft Update on mobile computers without a WSUS connection +## Opt-in to Microsoft Update on mobile computers without a WSUS connection You can use Microsoft Update to keep definitions on mobile devices running Windows Defender AV up to date when they are not connected to the corporate network or don't otherwise have a WSUS connection. -This means that protection updates can be delivered to devices (via Microsoft Update) even if WSUS overrides Microsoft Update. +This means that protection updates can be delivered to devices (via Microsoft Update) even if you have set WSUS to override Microsoft Update. You can opt-in to Microsoft Update on the mobile device in one of the following ways: @@ -63,7 +63,22 @@ You can opt-in to Microsoft Update on the mobile device in one of the following 2. Click **Advanced** options. 3. Select the checkbox for **Give me updates for other Microsoft products when I update Windows**. +## Prevent definition updates when running on battery power +You can configure Windows Defender AV to only download protection updates when the PC is connected to a wired power source. + +**Use Group Policy to prevent definition updates on battery power:** + +1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. + +3. In the **Group Policy Management Editor** go to **Computer configuration**. + +4. Click **Policies** then **Administrative templates**. + +5. Expand the tree to **Windows components > Windows Defender Antivurs > Signature Updates** and configure the following setting: + + 1. Double-click the **Allow definition updates when running on battery power** setting and set the option to **Disabled**. + 2. Click **OK**. This will prevent protection updates from downloading when the PC is on battery power. @@ -73,4 +88,3 @@ You can opt-in to Microsoft Update on the mobile device in one of the following - [Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) - [Update and manage Windows Defender in Windows 10](get-started-with-windows-defender-for-windows-10.md) -- [Troubleshoot Windows Defender in Windows 10](troubleshoot-windows-defender-in-windows-10.md) diff --git a/windows/keep-secure/WDAV-working/windows-defender-security-center-antivirus.md b/windows/keep-secure/WDAV-working/windows-defender-security-center-antivirus.md new file mode 100644 index 0000000000..ade7b6f610 --- /dev/null +++ b/windows/keep-secure/WDAV-working/windows-defender-security-center-antivirus.md @@ -0,0 +1,90 @@ +--- +title: Windows Defender Antivirus in the Windows Defender Security Center app +description: Windows Defender AV is now included in the Windows Defender Security Center app +keywords: wdav, antivirus, firewall, security, windows +search.product: eADQiWindows 10XVcnh +ms.pagetype: security +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.pagetype: security +localizationpriority: medium +author: iaanw +--- + + + + + +# Windows Defender Antivirus in the Windows Defender Security Center app + +**Applies to** + +- Windows 10, version 1703 + +**Audience** + +- End-users + +**Manageability available with** + +- Windows Defender Security Center app + + +In Windows 10, version 1703 (also known as the Creators Update), the Windows Defender app is now part of the Windows Defender Security Center. + +Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed by default as part of Windows 10, version 1703. + +The app also includes some settings and the status of the PC (as "device health"), Windows Firewall, Windows Defender SmartScreen Filter, and Parental and Family Controls. + +**Review virus and threat protection settings in the Windows Defender Security Center app:** + +1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**. + +2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar). + +![Screenshot of the Virus & threat protection settings label in the Windows Defender Security Center](images/defender/wdav-protection-settings-wdsc.png) + +## Comparison of settings and functions of the old app and the new app + +All of the previous functions and settings from the Windows Defender app (in versions of Windows 10 before version 1703) are now found in the new Windows Defender Security app. Settings that were previously located in Windows Settings under **Update & security** > **Windows Defender** are also now in the new app. + +The following diagram identifies where previous settings are now located: + +![IMAGEALT](images/defender/IMAGEFILE.png) + +## Common tasks + +This section describes how to perform some of the most common tasks when reviewing or interacting with the threat protection provided by Windows Defender Antivirus in the new Windows Defender Security app. + +**Run a scan with the Windows Defender Security Center app** + + + + +**Download protection updates in the Windows Defender Security Center app** + + + + +**Ensure Windows Defender Antivirus is enabled in the Windows Defender Security Center app** + + + + +**Add exclusions for Windows Defender Antivirus in the Windows Defender Security Center app** + + + +**Review threat detection history in the Windows Defender Security Center app** + + + + + +## Related topics + +- [Windows Defender in Windows 10](windows-defender-in-windows-10.md) +- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) + +