Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune

Today, let’s discuss Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune. Some Important steps are taken to access and configure the settings for Microsoft Defender in the endpoint security antivirus policy.

Intune Endpoint security Antivirus policies provide a centralized approach for security administrators to manage antivirus settings across managed devices efficiently. These policies streamline the process, allowing admins to focus specifically on the discrete group of antivirus configurations.

By utilizing Intune’s centralized administration console, security admins can easily define and enforce antivirus settings for all supported devices within their organization. This eliminates the need for manual configuration on individual devices, saving time and ensuring consistent security measures across the board.

Microsoft Defender for Endpoint introduces a powerful capability called Security Management for Microsoft Defender for Endpoint, allowing you to deploy security configurations from Microsoft Intune directly to your onboarded devices without the need for a complete Microsoft Intune device enrollment process.

Patch My PC

What is Microsoft Defender Antivirus?

Microsoft-Defender

Microsoft Defender Antivirus is a vital component of Microsoft Windows, serving as a robust and comprehensive antivirus software solution. Designed to safeguard Windows devices, it offers a multitude of advanced security features to protect against various types of malware and other threats.

Defender protection is tightly integrated with cloud intelligence to protect Windows 11 PCs. More details – Best Antivirus For Windows 11 Microsoft Defender | App Browser Protection | Firewall Protection.

Adaptiva

Windows CSP – Latest Microsoft Defender Antivirus Configuration Policy Settings

Let’s check the Windows CSP Details for the latest Microsoft Defender Antivirus Configuration Policy Settings in Intune. Defender CSP provides a set of configuration settings that can be applied to Windows devices to control various aspects of Microsoft Defender Antivirus.

CSP URI – ./Device/Vendor/MSFT/Defender/Configuration

Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.1
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.1

Microsoft Defender in Endpoint Security Antivirus Policy Using Intune

Microsoft consistently updates and improves Defender Antivirus through regular security updates and releases. Sign in to the Microsoft Intune admin center with your Intune administrator account. On the left side of Intune admin center, select Endpoint Security. Select Antivirus from Endpoint Security.

  • Click the Create Policy option below to create MS Defender in the endpoint security Antivirus Policy.
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.2
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.2

Windows Defender Antivirus is the next-generation protection component of Microsoft Defender for Endpoint. Next-generation protection brings together machine learning, big data analysis, in-depth threat resistance, and cloud infrastructure to protect devices in your enterprise organization.

  • Select the Platform as Windows 10, Windows 11, and Windows Server
  • Select the Profile as Microsoft Defender Antivirus
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.3
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.3

Under the Basic tab, enter the name and description as “Microsoft Defender in endpoint security antivirus policy.” And also, select the platform as Windows 10 and later. Select the Next button from the Basic tab.

Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.4
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.4

Configuration Settings for Microsoft Defender Antivirus

The Configuration page within Microsoft Intune is the central hub for managing various settings and configurations for your organization’s devices. This intuitive page provides a comprehensive overview of templates with their respective default values, allowing administrators to navigate and customize configurations as needed easily.

The following tables give you the exact details of the “Microsoft Defender in endpoint security antivirus policy as per Microsoft Engineering Teams recommendations. It includes the Existing policy and the New policy.

Existing Configuration Policy for Microsoft Defender Antivirus

Let’s discuss the existing configuration policy for Microsoft Defender Antivirus. The below table shows the existing configuration policy for Microsoft Defender Antivirus.

Existing Configuration Policy for Microsoft Defender AntivirusNot configured/Configured
Allow Archie ScanningNot configured
Allow Behavior MonitoringNot configured
Allow Cloud ProtectionNot configured
Allow Email ScanningNot configured
Allow Full Scan On Mapped Network DrivesNot configured
Allow Full Scan Removable Drive ScanningNot configured
Deprecated) Allow Intrusion Prevention SystemNot configured
Allow Scanning of all downloaded files and attachmentsNot configured
Allow Realtime MonitoringNot configured
Allow Scanning Network FilesNot configured
Allow Script ScanningNot configured
Allow User UI AccessNot configured
Avg CPU Load FactorNot configured
Check For Signatures Before Running ScanNot configured
Cloud Block LevelNot configured
Cloud Extended TimeoutNot configured
Days To Retain Cleaned MalwareNot configured
Disable Catchup Full ScanNot configured
Disable Catchup Quick ScanNot configured
Enable Low CPU PriorityNot configured
Enable Network ProtectionNot configured
Excluded PathsNot configured
Excluded ProcessesNot configured
PUA ProtectionNot configured
Real Time Scan DirectionNot configured
Schedule Quick Scan TimeNot configured
Scan ParameterNot configured
Schedule Scan DayNot configured
Schedule Scan TimeNot configured
Signature Update Fallback OrderNot configured
Signature Update File Shares SourcesNot configured
Signature Update IntervalNot configured
Sublit Samples ConsentNot configured
Disable Local Admin MergeNot configured
Allow On Access ProtectionNot configured
Security Intelligence Update ChannelNot configured
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – Table 1

New Configuration Policy Introduced in Service Release 2305

Let’s learn about the New Configuration Policy Introduced in Service Release 2305. The below table shows the New Configuration Policy Introduced in Service Release 2305.

New Configuration PolicyNot configured/Configured
Metered Connection UpdatesNot configured
Disable Tls parsingNot configured
Disable Http parsingHTTP parsing is enabled
Disable Dns ParsingNot configured
Disable Dns Over Tcp parsingDNS over TCP parsing is enabled
Disable Ssh parsingNot configured
Platform Updates ChannelNot configured
Engine Updates ChannelNot configured
Security Intelligence Updates ChannelNot configured
Allow Network Protection Down LevelNetwork protection will be enabled downlevel
Allow Datagram Processing On Win ServerDatagram processing on Windows Server is enabled
Enable Dns SinkholeNot configured
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – Table 2
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune  - fig.5
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.5

Scope tags in Microsoft Intune are a crucial feature that allows administrators to group and manage resources within their organization logically. With scope tags, administrators can assign tags to various resources in Intune, such as policies, profiles, apps, device groups, and more.

  • Select Scope tags as Default.
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.6
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.6

The assignments tab in Intune helps you to add groups. The Assignment tab shows all the included groups, excluded groups, etc. You cannot mix user and device groups across include and exclude when excluding groups.

Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.7
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.7

The screenshot below shows the “Select group to include a window.” The select groups to include window helps you to include a group. You can easily search a group using the search box as shown in the below window.

Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.8
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.8

The Review + Create window helps you to show the Name, Description, Platform, Configuration settings, Scope tags, Assignments, etc. Selecting the Create button from the below window enables you to create a new Microsoft Defender in the endpoint security antivirus policy in Intune portal.

Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.9
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.9

In the below window, you can see that the Profile has been created successfully. And it helps you to show the details such as policy name, policy type, assigned, platform target, etc. The policy type is Microsoft Defender Antivirus, Assigned as Yes.

Updated Settings for Microsoft Defender in Endpoint Security Antivirus Policy Using Intune - fig.10
Updated Settings for Microsoft Defender in Endpoint Security Antivirus Policy Using Intune – fig.10

Intune Reports for Microsoft Defender in Endpoint Security Antivirus Policy

The below window shows the Intune Reports for Microsoft Defender in endpoint security antivirus policy. By checking the device and user check-in status, they can verify the successful application of the policy. For a more comprehensive view, clicking on “View Report” provides access to additional details.

Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune - fig.11
Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune – fig.11

Reference Site – What’s new in Microsoft Intune | Microsoft Learn

Author

About Author Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing on Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.

1 thought on “Latest Microsoft Defender Antivirus Configuration Policy Settings in Intune”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.