deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

added images and sccm steps

Browse Source
This commit is contained in:
Justin Hall 2019-04-25 11:15:34 -07:00
parent cd05923491
commit fe060b8d65
4 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
View File

@ -11,7 +11,7 @@ ms.pagetype: security
ms.localizationpriority: medium ms.localizationpriority: medium
author: andreabichsel author: andreabichsel
ms.author: v-anbic ms.author: v-anbic
ms.date: 09/03/2018 ms.date: 04/26/2019
--- ---
# Enable block at first sight # Enable block at first sight
@ -68,6 +68,23 @@ For more information about configuring Windows Defender Antivirus device restric
For a list of Windows Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus). For a list of Windows Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus).
### Enable block at first sight with SCCM
1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
1. Click **Home** > **Create Antimalware Policy**.
1. Enter a name and a description, and add these settings:
- **Real time protection**
- **Advanced**
- **Cloud Protection Service**
1. In the left column, click **Real time protection**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
![Enable real-time protection](images/defender/wdav-protection-settings-wdsc.png)
1. Click **Advanced**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
![Enable Advanced settings](images/defender/sccm-advanced-settings.png)
1. Click **Cloud Protection Service**, set **Cloud Protection Service membership type** to **Advanced membership**, set **Level for blocking malicious files** to **High**, and set **Allow extended cloud check to block and scan suspicious files for up to (seconds)** to **50** seconds.
![Enable Cloud Protection Service](images/defender/sccm-cloud-protection-service.png)
1. Click **OK** to create the policy.
### Confirm block at first sight is enabled with Group Policy ### Confirm block at first sight is enabled with Group Policy
1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.

BIN
windows/security/threat-protection/windows-defender-antivirus/images/defender/sccm-advanced-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 47 KiB

BIN
windows/security/threat-protection/windows-defender-antivirus/images/defender/sccm-cloud-protection-service.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
windows/security/threat-protection/windows-defender-antivirus/images/defender/sccm-real-time-protection.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 38 KiB