50. How to Configure Microsoft Defender Antivirus Policy with Intune

MSFT WebCast
21 Apr 202311:28

Summary

TLDRThis video demonstrates how to configure Microsoft Defender Antivirus policies using Microsoft Intune. It covers steps such as signing into Microsoft Endpoint Manager, selecting device groups, and creating antivirus policies for Windows devices. The tutorial explains configuring antivirus settings like archive scanning, real-time monitoring, and cloud protection. It also discusses how policy merge works and how conflicts are resolved. The video concludes with a practical example, showing how to verify the policy application on test devices and ensuring settings are locked down from user modification. This comprehensive guide is aimed at IT admins seeking to manage security settings efficiently.

Takeaways

  • 😀 Microsoft Defender Antivirus is included by default in Windows 10, 11, and Windows Server, and can be managed using InTune for enhanced security configurations.
  • 😀 InTune allows security admins to configure antivirus policies for different device groups, including Windows and Mac OS devices.
  • 😀 Microsoft Defender Antivirus policies can be configured through various profiles, focusing on antivirus settings relevant to the devices being managed.
  • 😀 Endpoint security policies in InTune enable easy management of antivirus settings, separating them from other device configurations to avoid complexity.
  • 😀 The policy creation process involves signing into Microsoft Endpoint Manager Admin Center and selecting the platform and profile type for the devices.
  • 😀 Detailed configuration options are available for antivirus settings such as archive scanning, cloud protection, email scanning, real-time monitoring, and intrusion prevention.
  • 😀 Policy settings can be configured according to organizational requirements, and options are provided for specific antivirus behaviors on different devices.
  • 😀 After creating the policy, it is assigned to device groups, and the settings are applied to all devices in those groups.
  • 😀 Policy conflicts in InTune are resolved through policy merge, where InTune evaluates and combines applicable policies to avoid conflicts and ensure a smooth configuration.
  • 😀 Devices with applied policies display managed settings in the Windows Security app, preventing users from modifying critical antivirus settings like real-time protection and cloud delivery protection.
  • 😀 Syncing devices with InTune ensures that antivirus policies are applied correctly and that devices reflect the latest settings defined by security administrators.

Q & A

  • What is the main focus of the video tutorial?

    -The main focus of the video tutorial is to show how to configure Microsoft Defender Antivirus policy using Intune within the Microsoft Endpoint Manager Admin Center.

  • Which versions of Windows support Microsoft Defender Antivirus by default?

    -Microsoft Defender Antivirus is included by default in Windows 10, Windows 11, and Windows Server.

  • What is Microsoft Defender for Endpoint, and how does it differ from the built-in Defender Antivirus?

    -Microsoft Defender for Endpoint is a premium, subscription-based service that offers reporting and monitoring functions. In contrast, the default Microsoft Defender Antivirus does not include these advanced features but can be managed through Intune.

  • What are the main advantages of using Intune to manage Microsoft Defender Antivirus policies?

    -Using Intune allows administrators to manage a discrete group of antivirus settings for managed devices, making it easier to apply tailored configurations and streamline antivirus management across multiple devices.

  • What are the profile types available for antivirus policy in Intune?

    -In Intune, antivirus policies can be configured for Windows 10, Windows 11, and Windows Server platforms, and they allow settings specific to Microsoft Defender Antivirus, including options for Windows devices and macOS.

  • What is the role of 'Policy Merge' in antivirus settings in Intune?

    -Policy merge helps avoid conflicts when multiple antivirus policies are applied to the same devices. Intune evaluates and merges settings for supported policies to ensure a cohesive configuration, particularly for exclusions and other settings.

  • How does Intune resolve conflicts when policies with conflicting antivirus settings are applied?

    -Intune resolves conflicts by following three steps: first, the most secure policy is applied; second, if two policies are equally secure, the last modified policy takes precedence; third, if no conflict resolution can occur, no policy is delivered to the device.

  • What is the significance of the 'allow' settings in the antivirus policy configuration?

    -The 'allow' settings in the antivirus policy configuration enable specific antivirus features, such as cloud protection, real-time monitoring, and email scanning. These settings help administrators control how Microsoft Defender behaves on managed devices.

  • How does the policy application process work for Windows 10 devices once the policy is created in Intune?

    -After creating and assigning the antivirus policy in Intune, a manual sync is initiated on the Windows 10 device. The antivirus settings are then applied to the device, and the user can no longer change the settings from the Windows Security app.

  • Can users modify antivirus settings after the policy is applied from Intune?

    -No, once the antivirus policy is applied via Intune, users cannot modify the settings from the Windows Security app. The settings are locked and managed by the administrator.

Outlines

plate

Esta sección está disponible solo para usuarios con suscripción. Por favor, mejora tu plan para acceder a esta parte.

Mejorar ahora

Mindmap

plate

Esta sección está disponible solo para usuarios con suscripción. Por favor, mejora tu plan para acceder a esta parte.

Mejorar ahora

Keywords

plate

Esta sección está disponible solo para usuarios con suscripción. Por favor, mejora tu plan para acceder a esta parte.

Mejorar ahora

Highlights

plate

Esta sección está disponible solo para usuarios con suscripción. Por favor, mejora tu plan para acceder a esta parte.

Mejorar ahora

Transcripts

plate

Esta sección está disponible solo para usuarios con suscripción. Por favor, mejora tu plan para acceder a esta parte.

Mejorar ahora

Ver Más Videos Relacionados

Microsoft Defender for Endpoint: The Simplified Way!

Microsoft Defender for Business EDR to XDR Security Upgrade Using Microsoft 365 Business Premium

Getting Started with Microsoft Defender for Cloud

How to Disable Microsoft Defender Antivirus in Windows 11

Microsoft 365 Defender for Endpoint? Good Enough for your Business?

Company Portal || Deploy Store APPs to Android/ IOS Devices || Intune Tutorial Series | Part 16

Rate This

5.0 / 5 (0 votes)

Summary
Outlines
Mindmap
Keywords
Highlights
Transcripts
Etiquetas Relacionadas
Microsoft DefenderIntune ConfigurationAntivirus PolicyEndpoint SecurityWindows 10Windows 11Security AdminsDevice ManagementPowershellIT Security
¿Necesitas un resumen en inglés?