Windows Server Endpoint Protection:
What is Windows Server Antivirus?
Windows Server Antivirus or also known as Microsoft Defender Antivirus. It is a next-generation protection software from Microsoft to protect Cloud infrastructure devices or the endpoints. This software is compatible with other antivirus software to run Microsoft Defender Antivirus in passive mode alongside the non-Microsoft antivirus software agents or clients.
Microsoft Defender Antivirus software comes with pre-defined policies that are automatically applied to each and newly connected device, delivering immediate protection to your hardware, files and softwares on your device.
Here is the list of available Windows Server editions or versions with Microsoft Defender Antivirus:
- Windows Server 2012 R2, 2016, 2019, 2022
- Windows Server 2018, version 1803 or later
- Windows 10 and Windows 11
If you are using Windows Server 2016 or 2012 R2? Then you require Microsoft Defender for Endpoint to run Microsoft Defender Antivirus in passive mode.
What are the ways to manage Microsoft Defender Antivirus?
You can use PowerShell, Group Policy to manage Defender Antivirus on windows servers.
How to turn on the GUI using PowerShell?
PowerShell cmdlet: Install-WindowsFeature -Name Windows-Defender-GUI
How to install Microsoft Defender Antivirus using PowerShell?
PowerShell cmdlet: Install-WindowsFeature -Name Windows-Defender
How to verify that Microsoft Defender Antivirus is running or not?
PowerShell cmdlet: Get-Service -Name windefend
How to verify that firewall protection is turned on or off?
PowerShell cmdlet: Get-Service -Name mpssvc
How to set Microsoft Defender Antivirus to passive mode by using a registry key?
Set the ForceDefenderPassiveMode registry key as follows:
- Path: HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
- Name: ForceDefenderPassiveMode
- Type: REG_DWORD
- Value: 1
How to turn off the Microsoft Defender Antivirus user interface using PowerShell?
PowerShell cmdlet: Uninstall-WindowsFeature -Name Windows-Defender-GUI
How to disable Microsoft Defender Antivirus using PowerShell?
PowerShell cmdlet: Set-MpPreference -DisableRealtimeMonitoring $true
How to uninstall Microsoft Defender Antivirus using PowerShell?
PowerShell cmdlet: Uninstall-WindowsFeature -Name Windows-Defender
How to disable Defender Antivirus using Group Policy?
From Group Policy Editor, navigate to Administrative Template > Windows Component > Endpoint Protection > Disable Endpoint Protection, and then select Enabled > OK.