39 KiB
title, description, ms.author, ms.topic, ms.prod, ms.technology, author, ms.localizationpriority, ms.date, ms.reviewer, manager
| title | description | ms.author | ms.topic | ms.prod | ms.technology | author | ms.localizationpriority | ms.date | ms.reviewer | manager |
|---|---|---|---|---|---|---|---|---|---|---|
| Policy CSP - WindowsDefenderSecurityCenter | Learn how to use the Policy CSP - WindowsDefenderSecurityCenter setting to display the Account protection area in Windows Defender Security Center. | dansimp | article | w10 | windows | manikadhiman | medium | 09/27/2019 | dansimp |
Policy CSP - WindowsDefenderSecurityCenter
WindowsDefenderSecurityCenter policies
- WindowsDefenderSecurityCenter/CompanyName
- WindowsDefenderSecurityCenter/DisableAccountProtectionUI
- WindowsDefenderSecurityCenter/DisableAppBrowserUI
- WindowsDefenderSecurityCenter/DisableClearTpmButton
- WindowsDefenderSecurityCenter/DisableDeviceSecurityUI
- WindowsDefenderSecurityCenter/DisableEnhancedNotifications
- WindowsDefenderSecurityCenter/DisableFamilyUI
- WindowsDefenderSecurityCenter/DisableHealthUI
- WindowsDefenderSecurityCenter/DisableNetworkUI
- WindowsDefenderSecurityCenter/DisableNotifications
- WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning
- WindowsDefenderSecurityCenter/DisableVirusUI
- WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride
- WindowsDefenderSecurityCenter/Email
- WindowsDefenderSecurityCenter/EnableCustomizedToasts
- WindowsDefenderSecurityCenter/EnableInAppCustomization
- WindowsDefenderSecurityCenter/HideRansomwareDataRecovery
- WindowsDefenderSecurityCenter/HideSecureBoot
- WindowsDefenderSecurityCenter/HideTPMTroubleshooting
- WindowsDefenderSecurityCenter/HideWindowsSecurityNotificationAreaControl
- WindowsDefenderSecurityCenter/Phone
- WindowsDefenderSecurityCenter/URL
WindowsDefenderSecurityCenter/CompanyName
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
The company name that is displayed to the users. CompanyName is required for both EnableCustomizedToasts and EnableInAppCustomization. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display the contact options.
Value type is string. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Specify contact company name
- GP name: EnterpriseCustomization_CompanyName
- GP element: Presentation_EnterpriseCustomization_CompanyName
- GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
WindowsDefenderSecurityCenter/DisableAccountProtectionUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting to specify if to display the Account protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
ADMX Info:
- GP Friendly name: Hide the Account protection area
- GP name: AccountProtection_UILockdown
- GP path: Windows Components/Windows Defender Security Center/Account protection
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
Valid values:
- 0 - (Disable) The users can see the display of the Account protection area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the Account protection area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisableAppBrowserUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of the app and browser protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide the App and browser protection area
- GP name: AppBrowserProtection_UILockdown
- GP path: Windows Components/Windows Defender Security Center/App and browser protection
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) The users can see the display of the app and browser protection area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the app and browser protection area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisableClearTpmButton
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Disable the Clear TPM button in Windows Security.
Enabled: The Clear TPM button will be unavailable for use.
Disabled: The Clear TPM button will be available for use on supported systems.
Not configured: Same as Disabled.
Supported values:
- 0 - Disabled (default)
- 1 - Enabled
ADMX Info:
- GP Friendly name: Disable the Clear TPM button
- GP name: DeviceSecurity_DisableClearTpmButton
- GP path: Windows Components/Windows Security/Device security
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
WindowsDefenderSecurityCenter/DisableDeviceSecurityUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of the Device security area in the Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
ADMX Info:
- GP Friendly name: Hide the Device security area
- GP name: DeviceSecurity_UILockdown
- GP path: Windows Components/Windows Defender Security Center/Device security
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
Valid values:
- 0 - (Disable) The users can see the display of the Device security area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the Device security area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisableEnhancedNotifications
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy if you want Windows Defender Security Center to only display notifications which are considered critical. If you disable or do not configure this setting, Windows Defender Security Center will display critical and non-critical notifications to users.
Note
If Suppress notification is enabled then users will not see critical or non-critical messages.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide non-critical notifications
- GP name: Notifications_DisableEnhancedNotifications
- GP path: Windows Components/Windows Defender Security Center/Notifications
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) Windows Defender Security Center will display critical and non-critical notifications to users..
- 1 - (Enable) Windows Defender Security Center only display notifications which are considered critical on clients.
WindowsDefenderSecurityCenter/DisableFamilyUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of the family options area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide the Family options area
- GP name: FamilyOptions_UILockdown
- GP path: Windows Components/Windows Defender Security Center/Family options
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) The users can see the display of the family options area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the family options area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisableHealthUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of the device performance and health area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide the Device performance and health area
- GP name: DevicePerformanceHealth_UILockdown
- GP path: Windows Components/Windows Defender Security Center/Device performance and health
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) The users can see the display of the device performance and health area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the device performance and health area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisableNetworkUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of the firewall and network protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide the Firewall and network protection area
- GP name: FirewallNetworkProtection_UILockdown
- GP path: Windows Components/Windows Defender Security Center/Firewall and network protection
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) The users can see the display of the firewall and network protection area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the firewall and network protection area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisableNotifications
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of Windows Defender Security Center notifications. If you disable or do not configure this setting, Windows Defender Security Center notifications will display on devices.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide all notifications
- GP name: Notifications_DisableNotifications
- GP path: Windows Components/Windows Defender Security Center/Notifications
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) The users can see the display of Windows Defender Security Center notifications.
- 1 - (Enable) The users cannot see the display of Windows Defender Security Center notifications.
WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Hide the recommendation to update TPM Firmware when a vulnerable firmware is detected.
Enabled: Users will not be shown a recommendation to update their TPM Firmware.
Disabled: Users will see a recommendation to update their TPM Firmware if Windows Security detects the system contains a TPM with vulnerable firmware.
Not configured: Same as Disabled.
Supported values:
- 0 - Disabled (default)
- 1 - Enabled
ADMX Info:
- GP Friendly name: Hide the TPM Firmware Update recommendation.
- GP name: DeviceSecurity_DisableTpmFirmwareUpdateWarning
- GP path: Windows Components/Windows Security/Device security
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
WindowsDefenderSecurityCenter/DisableVirusUI
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting if you want to disable the display of the virus and threat protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Hide the Virus and threat protection area
- GP name: VirusThreatProtection_UILockdown
- GP path: Windows Components/Windows Defender Security Center/Virus and threat protection
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) The users can see the display of the virus and threat protection area in Windows Defender Security Center.
- 1 - (Enable) The users cannot see the display of the virus and threat protection area in Windows Defender Security Center.
WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Prevent users from making changes to the exploit protection settings area in the Windows Defender Security Center. If you disable or do not configure this setting, local users can make changes in the exploit protection settings area.
Value type is integer. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Prevent users from modifying settings
- GP name: AppBrowserProtection_DisallowExploitProtectionOverride
- GP path: Windows Components/Windows Defender Security Center/App and browser protection
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) Local users are allowed to make changes in the exploit protection settings area.
- 1 - (Enable) Local users cannot make changes in the exploit protection settings area.
WindowsDefenderSecurityCenter/Email
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
The email address that is displayed to users. The default mail application is used to initiate email actions. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display contact options.
Value type is string. Supported operations are Add, Get, Replace and Delete.
ADMX Info:
- GP Friendly name: Specify contact email address or Email ID
- GP name: EnterpriseCustomization_Email
- GP element: Presentation_EnterpriseCustomization_Email
- GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
WindowsDefenderSecurityCenter/EnableCustomizedToasts
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Enable this policy to display your company name and contact options in the notifications. If you disable or do not configure this setting, or do not provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will display a default notification text.
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
ADMX Info:
- GP Friendly name: Configure customized notifications
- GP name: EnterpriseCustomization_EnableCustomizedToasts
- GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) Notifications contain a default notification text.
- 1 - (Enable) Notifications contain the company name and contact options.
WindowsDefenderSecurityCenter/EnableInAppCustomization
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Enable this policy to have your company name and contact options displayed in a contact card fly out in Windows Defender Security Center. If you disable or do not configure this setting, or do not provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will not display the contact card fly out notification.
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
ADMX Info:
- GP Friendly name: Configure customized contact information
- GP name: EnterpriseCustomization_EnableInAppCustomization
- GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
The following list shows the supported values:
- 0 - (Disable) Do not display the company name and contact options in the card fly out notification.
- 1 - (Enable) Display the company name and contact options in the card fly out notification.
WindowsDefenderSecurityCenter/HideRansomwareDataRecovery
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy setting to hide the Ransomware data recovery area in Windows Defender Security Center.
ADMX Info:
- GP Friendly name: Hide the Ransomware data recovery area
- GP name: VirusThreatProtection_HideRansomwareRecovery
- GP path: Windows Components/Windows Defender Security Center/Virus and threat protection
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
Valid values:
- 0 - (Disable or not configured) The Ransomware data recovery area will be visible.
- 1 - (Enable) The Ransomware data recovery area is hidden.
WindowsDefenderSecurityCenter/HideSecureBoot
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy to hide the Secure boot area in the Windows Defender Security Center.
ADMX Info:
- GP Friendly name: Hide the Secure boot area
- GP name: DeviceSecurity_HideSecureBoot
- GP path: Windows Components/Windows Defender Security Center/Device security
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
Valid values:
- 0 - (Disable or not configured) The Secure boot area is displayed.
- 1 - (Enable) The Secure boot area is hidden.
WindowsDefenderSecurityCenter/HideTPMTroubleshooting
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
Use this policy to hide the Security processor (TPM) troubleshooting area in the Windows Defender Security Center.
ADMX Info:
- GP Friendly name: Hide the Security processor (TPM) troubleshooter page
- GP name: DeviceSecurity_HideTPMTroubleshooting
- GP path: Windows Components/Windows Defender Security Center/Device security
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
Valid values:
- 0 - (Disable or not configured) The Security processor (TPM) troubleshooting area is displayed.
- 1 - (Enable) The Security processor (TPM) troubleshooting area is hidden.
WindowsDefenderSecurityCenter/HideWindowsSecurityNotificationAreaControl
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
This policy setting hides the Windows Security notification area control.
The user needs to either sign out and sign in or reboot the computer for this setting to take effect.
Enabled: Windows Security notification area control will be hidden.
Disabled: Windows Security notification area control will be shown.
Not configured: Same as Disabled.
Supported values:
- 0 - Disabled (default)
- 1 - Enabled
ADMX Info:
- GP Friendly name: Hide Windows Security Systray
- GP name: Systray_HideSystray
- GP path: Windows Components/Windows Security/Systray
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
WindowsDefenderSecurityCenter/Phone
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
The phone number or Skype ID that is displayed to users. Skype is used to initiate the call. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display contact options.
Value type is string. Supported operations are Add, Get, Replace, and Delete.
ADMX Info:
- GP Friendly name: Specify contact phone number or Skype ID
- GP name: EnterpriseCustomization_Phone
- GP element: Presentation_EnterpriseCustomization_Phone
- GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
- GP ADMX file name: WindowsDefenderSecurityCenter.admx
WindowsDefenderSecurityCenter/URL
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | Yes | Yes |
| Pro | Yes | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
The help portal URL this is displayed to users. The default browser is used to initiate this action. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then the device will not display contact options.
Value type is Value type is string. Supported operations are Add, Get, Replace, and Delete.
ADMX Info:
- GP Friendly name: Specify contact website
- GP name: EnterpriseCustomization_URL
- GP element: Presentation_EnterpriseCustomization_URL
- GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
- GP ADMX file name: WindowsDefenderSecurityCenter.admx