This guide will provide background information on creating a new set of Windows Defender settings that will be enforced to the specified onboarded Intune device group.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
Creating a Device Defender Antivirus Rule
- Navigate to the Antivirus – Intune portal, locate and select Create Policy. A pop-out will be generated where you will specify the Operating System Platform scope as Windows and the Profile Type as Microsoft Defender Antivirus. Select Create to proceed.
- You will supply basic identification information such as the Name and Description for the policy. Select Next to proceed.
- All the configuration items related to the Microsoft Defender Antivirus profile type will be listed, configure these controls to meet your desired security needs for your organization. Select Next to continue.
- Scope tag selection can be utilized if desired, it is mainly leveraged with RBAC. Select Next to continue.
- You will be able to configure Group Assignments or Exclusion for the policy, this section will outline the selected groups that will be in scope to have the profile deployed. Select Next to proceed to revisions.
- The review page will allow you to see all configured settings for the policy, if you detect a discrepancy at this stage make note of the section and select Back to go to the previous sections to make the necessary alterations before finalization. If everything checks out, select Save to publish the antivirus policy.
- Upon successful creation the rule will show up in the list of all antivirus policies managed through Intune.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.