Turn on Cloud Protection for Windows 11 Microsoft Defender Using Intune

Let’s see how to turn on Cloud Protection in Windows 11 Microsoft Defender Using Intune. Cloud protection works together with Microsoft Defender Antivirus to deliver protection to your endpoints much faster than through traditional security intelligence updates. 

Microsoft Defender Antivirus cloud protection helps protect against malware on your endpoints and across your network. We recommend keeping cloud protection turned on because certain security features and capabilities in Microsoft Defender for Endpoint only work when cloud protection is enabled.

Cloud protection is enabled by default. However, you might need to re-enable it if it has been disabled as part of previous organizational policies. You can enable cloud protection with Microsoft Intune, Group Policy, or PowerShell cmdlets.

You can specify the level of protection, and The protection level affects the amount of information shared with the cloud and how aggressively new files are blocked.

Patch My PC

Cloud protection and automatic sample submission works together with Microsoft Defender Antivirus to deliver accurate, real-time, and intelligent protection. Microsoft Defender Antivirus works seamlessly with Microsoft cloud services.

Turn on Cloud Protection Using Intune

The following steps help you to turn on cloud protection using Intune –

  • Sign in to the Endpoint Manager Intune portal https://endpoint.microsoft.com/
  • Select Devices > Windows > Configuration profiles > Create profile

Note : You can also access the setting to manage cloud protection, Choose Endpoint security > Antivirus.

Create Intune Configuration Profiles - Turn on Cloud Protection Using Intune 1
Create Intune Configuration Profiles – Turn on Cloud Protection Using Intune 1

In Create Profile, Select Platform, Windows 10, and later and Profile, Select Profile Type as Settings catalog. Click on Create button.

Select Platform, Profile Type - Turn on Cloud Protection Using Intune 2
Select Platform, Profile Type – Turn on Cloud Protection Using Intune 2

On the Basics tab, enter a descriptive name, such as Turn On Cloud Protection or Turn On Cloud Protection for Microsoft Defender Antivirus. Optionally, enter a Description for the policy, then select Next.

Specify Basics Information - Turn on Cloud Protection Using Intune 3
Specify Basics Information – Turn on Cloud Protection Using Intune 3

In Configuration settings, click Add settings to browse or search the catalog for the settings you want to configure.

Click + Add Settings - Turn on Cloud Protection Using Intune 4
Click + Add Settings – Turn on Cloud Protection Using Intune 4

On the Settings Picker windows, use the search box and type Cloud Protection, and click Search. Select the Defender category and double click on the category to see the settings name.

Select Allow Cloud Protection. After adding your settings, click the cross mark at the right-hand corner to close the settings picker.

Select Defender - Allow Cloud Protection
Select Defender – Allow Cloud Protection

The setting is shown and configured with a default value Allowed. Turns on Cloud Protection. Click on Next.

Allow Cloud Protection - Allowed. Turns on Cloud Protection
Allow Cloud Protection – Allowed. Turns on Cloud Protection

Under Assignments, In Included groups, click Add groups and then choose Select groups to include one or more groups. Click Next to continue.

Assignments - Turn on Cloud Protection Using Intune 5
Assignments – Turn on Cloud Protection Using Intune 5

In Scope tags, you can assign a tag to filter the profile to specific IT groups. Add scope tags (if required) and click Next.

In Review + create, review your settings. When you select Create, your changes are saved, and the profile is assigned.

Review Profile - Turn on Cloud Protection Using Intune 6
Review Profile – Turn on Cloud Protection Using Intune 6

A notification will appear automatically in the top right-hand corner with a message. You can see that Policy “Turn On Cloud Delivered Protection” created successfully. The policy is also shown in the Configuration profiles list.

Your groups will receive your profile settings when the devices check in with the Intune service the policy applies to the device

Intune Reporting

You can check Intune settings catalog profile report from Intune Portal, which provides an overall view of device configuration policies and deployment status.

To monitor the policy assignment, from the list of Configuration Profiles, select the policy, and here you can check the device and user check-in status. If you click View Report, additional details are displayed.

Additionally, you can quickly check the update as devices/users check-in status reports –

Intune Reporting - Configure Cloud Protection
Intune Reporting – Configure Cloud Protection

You can use REGEDIT.exe on a target computer to view the registry settings that store group policy settings. These settings are located at the registry path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Defender\AllowCloudProtection Value Data SpynetReporting

Validate Registry - Turn on Cloud Protection
Validate Registry – Turn on Cloud Protection

Open Windows Security, Click on Virus & threat protection. Next Click on the Manage settings under Virus & threat protection settings.

Here you can see Cloud-delivered protection is set On.

Turn on cloud protection in Microsoft Defender Antivirus
Turn on cloud protection in Microsoft Defender Antivirus

Author

About Author – Jitesh, Microsoft MVP, has over five years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.