This guide will provide background information on modifying an existing set of Windows Defender settings.
Defender Antivirus
Microsoft Defender Antivirus is a built-in antivirus for Windows OS that protects against all types of malware. It works with Microsoft Defender for Endpoint to provide protection on the device and in the cloud. It is deployable through Intune MDM, which allows a deep configuration scope of scan type, enforcement levels, and duration as well as the ability to restrict end user interference with the security controls which will harden the systems from tampering incidents.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
Modifying a Device Defender Antivirus Rule
- Navigate to Antivirus – Intune, select the policy you wish to alter.
- Locate the Properties section of the profile, 4 points of interest will be available to Edit. You can modify the sections as needed.
- Basics: Adjusts non-functional items of the rule, such as the Name or Description.
- Assignments: Specifies which groups will be included or excluded from policy enforcement.
- Scope tags: Specifies which administrators can view and alter this object.
- Configuration Settings: Allows you to set the specific enforcement for Defender Antivirus Scanning parameters.
- Basics: Adjusts non-functional items of the rule, such as the Name or Description.
- The Sections will all have the same prompt for adjustments, either add, remove, or delete the setting and select Review + Save to finalize the changes.
- Once on the revisions page, if all the necessary adjustments look correct, select Save to finalize the modification process.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.