Deploy, manage, and report on Windows Defender Antivirus. 4 minutes to read. Contributors. In this article Applies to:.

You can deploy, manage, and report on Windows Defender Antivirus in a number of ways. Because the Windows Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply. However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, System Center Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.

You'll also see additional links for:. Managing Windows Defender Antivirus protection, including managing product and protection updates. Reporting on Windows Defender Antivirus protection. Important In most cases, Windows 10 will disable Windows Defender Antivirus if it finds another antivirus product that is running and up-to-date. You must disable or uninstall third-party antivirus products before Windows Defender Antivirus will function. If you re-enable or install third-party antivirus products, then Windows 10 automatically disables Windows Defender Antivirus.

Tool Deployment options Management options (network-wide configuration and policy or baseline deployment) Reporting options Microsoft Intune System Center Configuration Manager Use the and With and With the default and Group Policy and Active Directory (domain-joined) Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled. Use Group Policy Objects (GPOs) to and Endpoint reporting is not available with Group Policy. You can generate a list of PowerShell Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints. Use the and cmdlets available in the Defender module Use the appropriate Windows Management Instrumentation Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints. Use the and the Use the class and the get method of associated classes in the Microsoft Azure Deploy Microsoft Antimalware for Azure in the. You can also Configure or Use to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the report and configure an SIEM tool to report on and add that tool as an app in AAD.

The availability of some functions and features, especially related to cloud-delivered protection, differ between System Center Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and System Center Configuration Manager (Current Branch).

See for a table that describes the major differences. In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date.

Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers.

Configuration of features and protection, including configuring product and protection updates, are further described in the section in this library. In this section Topic Description While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with System Center Configuration Manager, Microsoft Intune, or Group Policy Objects. There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating definitions (protection updates). You can update definitions in a number of ways, using System Center Configuration Manager, Group Policy, PowerShell, and WMI. You can use Microsoft Intune, System Center Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.

The Display list shows all the reports that can be generated. Expanding the AntiVirus heading displays the reports associated with antivirus activities:. Why can't we have directory services like open directory (for mac 2017. AntiVirus Definition Version Status.

Free Mac Antivirus

Endpoint/Groups with Infections by Date The report description provides a brief overview of the report type that is selected, along with its type, category, and format. The Parameters list specifies the data to use for the report. Both antivirus reports have Endpoints and Groups parameters.

Bitdefender Antivirus For Mac

In addition, the Endpoint/Groups with Infections by Date report has a Date Range parameter. There are two Generate Report buttons. They both produce the same output. The Options section enables you to refine the Endpoints and Groups parameter selection. It contains the following: Search field and button Available list Selected list.