none
Windows 10 1703 Defender Security Center Firewall Red X on System Tray RRS feed

  • Question

  • I have rolled out 1703 to several test systems in our environment and everything seems to be good so far except for Windows Defender Security Center.  In the tray icon there is a Red X over the shield.

    This is because the Domain Firewall is set to off by GPOs and WDSC is reporting that actions are needed.  This is not the case since the firewall is controlled by group policy yet I have found no way of resolving this short of removing the shield icon from the system tray (not ideal) or disabling MSASCuiL.exe (less ideal).

    We teach our users to pay attention to Red Xs and warnings and to let us know when they appear.  I can't go back on years of training and education and tell them "except for this one".  Besides, it's like a check engine light in a car.  If it's always on you'll never know when it has something important to tell you.

    I just want the shield there without the Red X because of the Domain firewall setting.

    Any options or ideas that I may be missing?

    I am running 1703 (15063.250) on the test systems.

    Thanks, Dennis




    • Edited by gitdennis Tuesday, May 9, 2017 5:06 PM
    Tuesday, May 9, 2017 3:29 PM

All replies

  • Hi,

    You just could disable this icon completely via the following method:

    1. Open the Task Manager.

    2. Jump to Startup tab.

    3. Select "Windows Defender notification icon", click Disable.

    4. Restart the computer.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, May 10, 2017 6:51 AM
    Moderator
  • That's not quite the solution we are looking for.  We want the icon in the system tray.  We just don't want it showing a Red X for something we intentionally turned off with a GPO.
    Wednesday, May 10, 2017 8:38 PM
  • That's not quite the solution we are looking for.  We want the icon in the system tray.  We just don't want it showing a Red X for something we intentionally turned off with a GPO.
    There is no way unless that you turn the Windows Firewall on.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, May 11, 2017 10:29 AM
    Moderator
  • Yes, you are correct, a single user can turn off this RED X tray icon using Task Manager, if they have ADMIN rights. But in a school setting, all my users are non-admins. I need a better, centralized solution for hundreds of clients.
    Thursday, May 11, 2017 7:13 PM
  • There is no way unless that you turn the Windows Firewall on.



    Frankly, this is an unacceptable answer for an enterprise that manages thousands of  machines and doesn't want to use your 'one size fits all' firewall policies and doesn't want to have a giant "YOUR MACHINE IS UNSAFE RED X!" to their users.


    I expect better from Microsoft.  Stop treating your enterprise customers like home users.  Give us a way, group policy preferably, to manage what is and isn't displayed to our users from Defender.


    Friday, May 12, 2017 3:17 PM
  • @Karen_Hu - can you please submit to Microsoft engineering to add a group policy setting or just an internal setting in Windows 10 1703 that acknowledges the presence of a domain hardware firewall? There is no need to display the big red X in an enterprise/education environment that use a hardware firewall appliance and we are purposely disabling the Windows firewall.

    Friday, May 12, 2017 3:24 PM
  • Hi all,

    You could submit this feedback via the built-in Feedback app. And I will also submit it via our own channel.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 15, 2017 9:14 AM
    Moderator
  • There is no way unless that you turn the Windows Firewall on.



    Frankly, this is an unacceptable answer for an enterprise that manages thousands of  machines and doesn't want to use your 'one size fits all' firewall policies and doesn't want to have a giant "YOUR MACHINE IS UNSAFE RED X!" to their users.


    I expect better from Microsoft.  Stop treating your enterprise customers like home users.  Give us a way, group policy preferably, to manage what is and isn't displayed to our users from Defender.


    This is 100% accurate and Microsoft KNOWS there will be complaints, it is completely unacceptable that no GPO was released along with this "feature", in fact it directly contradicts other GPO settings to disable balloon notifications (yes, different mechanism but the same end result) and makes the Disable Firewall (Domain) now pretty much something that will create user confusion... Way to go Microsoft! No DCR should be necessary, that should be obvious GPO control is desired (and required)...

    Jack


    • Edited by JFetter Monday, May 15, 2017 10:37 AM
    Monday, May 15, 2017 10:37 AM
  • Thank you Karen_Hu for submitting this request.
    Monday, May 15, 2017 4:58 PM