none
Turn on Defender AS SECOND AV via Policy / Registry RRS feed

  • Question

  • Good Day,

    We currently have security software that registers in Windows at Virus Software, but it does not scan 'data at rest'.  It strictly handles everything pre-execution.

    For added protection of our Data-at-Rest we need to enable Defender.  The problem is, when we use the Windows 10 (1709) admx policies that would normally turn on Defender, it does not start due to our other software.  But, once the policy is turned on, Local Administrators can use the Defender Anti-Virus settings panel in Windows 10 to turn it on.  

    After this is done, the Defender AntiVirus service is activated.  So, we thought we could just use policy to enable and turn on this service and voila.  No joy!  When trying to manually turn on the service, it complains about updates not being done and the service won't start.  

    What we're looking for is a way to use policy to turn on Defender without the end users needing to use the control panel to activate it. 

    HELP!


    Tuesday, June 26, 2018 9:35 PM

Answers

  • Hi,

    By default, if you have installed 3-party antivirus software, defender will enter a passive/disable mode.

    https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility

    As the document says 

    "In passive and automatic disabled mode, you can still manage updates for Windows Defender AV, however you can't move Windows Defender AV into the normal active mode if your endpoints have an up-to-date third-party product providing real-time protection from malware."

    There is conflict during defender and other antivirus software, we don't recommend you to manually enable defender.

    What is more, said you can manually turn defender on using control panel, that is the best of it. The policy can't auto turn it on, it is possible that the policy is blocked by the conflict of two antivirus software.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Wednesday, June 27, 2018 7:36 AM