1. Home
  2. SureMDM
  3. How to use “Threat protection” for Windows devices using Windows Defender in SureMDM
  1. Home
  2. Windows Management
  3. How to use “Threat protection” for Windows devices using Windows Defender in SureMDM

How to use “Threat protection” for Windows devices using Windows Defender in SureMDM

KB ID: 42G2112032
Views: 571
Updated: December 2021

As an administrator, it is always important to keep the systems scanned for viruses and for the smooth performance of the machines. To manage any Windows device, we have SureMDM to remote device management. Also, the same SureMDM offers the Windows Defender policy to keep the systems clean and smooth. So, how to configure the Windows Defender policy and what all features it offers?

To configure the Windows Defender policy in SureMDM, below are the steps :

Pre-requisites: The device should be enrolled in dual-mode (SureMDM Agent + EMM) and the SureMDM Agent must be on v4.57 or later


1. Log in to the SureMDM web console

2. Navigate to the Profiles section and choose the Windows platform

3. Now select the Defender Profile tab

The profile provides the below type of scan and protection options.

   a. Schedule Scan

   b. Scan(types)

   c. Real-time protection

   d. Exclusions

   e. Signature Updates

   f. Windows Defender Exploit Guard

   g. Advanced Protections

4. Once the required configuration is done, go to HOME and select the device(s), and hit Apply to push to the device(s).

Schedule Scan
The administrator can schedule the system scan and what actions to be performed based on the type of threats found.

The administrator can configure the different types of the scan to be performed such as Archive files, Emails, Network files, Mapped Drives, Removeable Drives, Catchup quick/full scan, and Signature checks.

Real-time protection
Enabling/disabling of real-time and Behaviour monitoring, OAP (Office Antivirus protection), Intrusion Prevention System, On-Access Protection, PUA(Potentially Unwanted Applications) monitor and real-time scan direction(monitoring both incoming and outgoing files)

The administrator here can exclude the specific file types, paths and processes.

Signature Updates
This option offers the administrator to update the signature interval, can add file share sources and Fallback order (defines the order in which different definitions update sources should be contacted).

Windows Defender Exploit Guard
This provides options like Attack Surface Reduction, Controlled Folder Access, and Network Protection configurations.

Advanced options
This section allows the administrator to configure the options such as Cloud protection like sending details to the Microsoft server if any problem is found in the system, Script scanning, Windows Defender UI access, and for how many days the malware should be retained in the system.

To know more about SureMDM MTD for Android click here

Related Articles