Best Antivirus for Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection

Let’s understand Free and Best Antivirus for Windows 11 Microsoft Defender. This post covers the features of this antivirus solution built-in to Windows 11 called Defender. I have not used any 3rd party antivirus solution to protect Windows 11 and Windows 10 PCs for many years.

The best Windows Security solution should be comprehensive, and it should not be just a software antivirus solution. Microsoft’s antivirus solution built-in to Windows 11 gives end-to-end protection from the hardware layer to the cloud.

There are many paid antivirus solutions in the market for Windows 11 PC. Do we need to purchase a paid antivirus solution? Why is the free and best solution for Microsoft Defender or Windows Defender the built-in Windows 11 security solution?

Patch My PC

Read More New Cloud-Based Microsoft Defender App For Home Users | Step By Step User Guide

Windows 10 and Windows 11 include Windows Security, which provides the latest antivirus protection with Microsoft Defender. Defender protection is tightly integrated with cloud intelligence to protect Windows 11 PCs.

Many comprehensive and unique security features are provided by Microsoft Defender or Windows Defender antivirus solutions. Let’s go the Let’s understand the built-in Windows 11 security features before you decide to purchase a paid antivirus solution.

Windows 11 Security Overview

Let’s learn more about WiLet’s Security here. This is built-in to Windows and includes an antivirus program called Microsoft Defender Antivirus.

Hardware and software work together for protection from the CPU all the way to the cloud in Windows 11. Microsoft shared the layers of protection in this simple diagram and gave us a brief overview of their security priorities below.

  • Hardware Chip Security
  • Operating System Security
  • Application Security
  • Identity and Privacy Security
  • Cloud Security
Free Best Antivirus for Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection
Free Best Antivirus for Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection

Security at a Glance with Free antivirus app for Windows 11

Let’s have a quick WiLet’s 11 Security at a Glance. Windows 11 Security includes eight (8) components to keep your PCs secured from all angles using Microsoft Defender. This gives you a quick understanding of why I’m not suing any 3rdI’mrty antivirus solution.

  1. Virus & Thread protection
  2. Account Protection
  3. Firewall and Network Protection
  4. App& Browser Control
  5. Device Security
  6. Device Performance and Health
  7. Family Options
  8. Protection History
Free Best Antivirus for Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection
Free Best Antivirus for Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection – Free antivirus app for Windows 11

Core Isolation – Device Security Component from Windows Security

Let’s look at the devLet’security component available in Windows Security and Microsoft Defender Antivirus solution. Secured-core PCs defend at the firmware level with multiple layers of protection enabled,
helping ensure that devices launch safely in a hardware-controlled state.

There are three (3) subcategories of the Device security section. The device security that comes built into Windows 11 device.

  • Core Isolation – Virtualisation based security that protects the core parts of your device.
    • Memory Integrity – Prevents attacks from inserting malicious code into high-security processes.
  • Security Processor – Your security processor, called the trusted platform module(TPM), is providing additional enchryption for your device.
  • Security Boot – Secure boot is on, preventing malicious software from loading when your device starts up.

You can launch Windows Security from the Start menu – Search option. Select the Device Security tab to check hardware-related security configuration.

Core Isolation - Device Security Component from Windows Security - Free antivirus app for Windows 11
Core Isolation – Device Security Component from Windows Security – Free antivirus app for Windows 11

Virus & Thread protection with Microsoft Defender

This is where you configure scheduled Microsoft Defender antivirus scanning and the Quick scanning option. The monitor threats to your device, run scans and get updates to help detect the latest threats.

  • Quick Scan – Checks folders in your system where threats are commonly found.
  • Full Scan – Check all files and running programmes on your hard disk. This scan could take longer than one hour.
  • Customised Scan – Choose which files and locations you want to check.
  • Microsoft Defender Offline Scan – Some malicious software can be particularly difficult to remove from your device. Microsoft Defender Offline can help and remove them using up-to-date threat definitions. This will restart your device and will take about 15 minutes.

You can change the Microsoft Defender configuration from Start SettingsUpdate & Security Windows Security and then Virus & threat protection – Manage settings.

Virus & Thread protection with Microsoft Defender Free antivirus app for Windows 11
Virus & Thread protection with Microsoft Defender – Free antivirus app for Windows 11

Account Protection – Securing Identity using Microsoft Defender

Let’s check and understand what’s the Account Protection options available with Microsoft Defender. Securing Identity using Microsoft Defender is one of the free and best capabilities of Windows 11 security.

This section will give you the details, such as which account is used to log in to the Windows 11 PC. It also provides the details about Windows Hello configuration of the PC. Account protection gives you the details of whether the dynamic protection is enabled or not.

The following three features are pillars towards the protection of Windows 11 identity. Account protection options include the details of:

  • Microsoft Account
  • Windows Hello
  • Dynamic lock
Best Antivirus for Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection Account Protection - Securing Identity using Microsoft Defender
Account Protection – Securing Identity using Microsoft Defender

Firewall and Network Protection Options of Microsoft Defender

Let’s check the Firewall and Network Protection options of Microsoft Defender. The different application firewall and network protection options are available. You have the option to turn Microsoft Defender Firewall on or off.

I don’t recommend turning off Defender Firewall. You can define Who and What can access your network from Windows 11 PC. Following are the network options available for the firewall.

  • Domain Network (Workgroup)
  • Private Network (Discovarble)
  • Public Network (Non discoverable)

Manage the firewall settings and monitor what’s happening with your networks and internet connections. You will have options to block all incoming connections from this section of Windows Security.

There are many granular controls on the Firewall and Network options (via old Windows 10 UI), such as Allowing an app through the firewall, Network & Internet troubleshooter, Firewall notification settings, Advanced settings, and Restore firewalls to default.

Related PostCheck Firewall Port is Open or Block on Windows 11 using PowerShell Command

You can launch Windows Security configurations from the Start menu – Search option. Select the Firewall & Network Protection tab from the Windows Security app to configure firewall settings.

Firewall and Network Protection Options of Microsoft Defender Best Antivirus for Windows 11
Firewall and Network Protection Options of Microsoft Defender – Best Antivirus for Windows 11

App & browser control Protection with Microsoft Defender

App and Browser settings are additional features available with the free and best Windows 11 Antivirus solution called Microsoft Defender. You’ll have exploit protection, and you can customize protection settings for Windows devices.

These settings help to block unrecognized apps, files, malicious sites, downloads, and web content. The App & browser control settings within Microsoft Defender SmartScreen helps to protect Windows 11 devices against potentially dangerous:

  • Apps
  • Files
  • Sites
  • Downloads

The three (3) pillars of app and browser protection with Microsoft Defender are Reputation-based protection, Isolated browsing, and Exploit protection. You can launch Windows Security from the Start menu – Search options and navigate App & Browser Control.

App & browser control Protection with Microsoft Defender
Best Antivirus for Windows 11 – App & browser control Protection with Microsoft Defender

Device Performance and Health

The Device Performance and Health option available with Microsoft defender, the free and best Windows 11 antivirus, helps to view status info about Windows 11 device’s performance health. This also keeps Windows devices clean and up to date with the latest version of Windows.

The Health report starts when the Device Health scan was the last run on Windows 11 PC. The health scan report highlights the following components. If there are any health issues, they will be highlighted in the Windows 11 Health Reports.

  • Storage Capacity
  • Battery life
  • Apps and Software
  • Windows Time Service

You can launch the Windows Security from the Start menu – Search options and navigate to Device performance & Health tab to check configs.

Free antivirus app for Windows 11
Best Antivirus for Windows 11 – Device Performance and Health – Free antivirus app for Windows 11

Microsoft Defender – Management using Intune MEM

You can manage Microsoft Defender policies with Microsoft Endpoint Manager Intune. There are different ways to manage a Defender policy. The preferred and easiest method (using security baseline template) for smaller organizations is explained in the following post.

Read More – Intune Security Baseline Microsoft Defender Policy Troubleshooting Tips

Another method in Intune called Settings catalog policies is to configure Microsoft Defender policies. You can read more Configure Microsoft Defender SmartScreen Using Intune.

Author

Anoop is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.