Forum Discussion

SebastiaanR's avatar
SebastiaanR
Brass Contributor
Sep 09, 2021

MDE Anti-malware Policy Management

Good day community,

 

Rookie question, but MDE does not allow AV policy management across devices, correct? In other words, I still need to manage my Windows 10 devices through MEM/Config Manager for things like file/folder exclusion.

 

In short, MDE does not allow me to manage Windows Defender AV.

 

TIA

  • Correct, you need an additional management pane to managed MDAV
    Also to deploy MDE
  • mas18's avatar
    mas18
    Brass Contributor
    Yes. MDE will provide EDR functionalities but for AV(EPP) functionalities still need configuration manager tools. We can use MDE (KQL Query) to get the Defender AV reports like antivirus status, definition reports and etc.. i am not sure what kind of Files/Folder exclusion you are talking about. if excluding file/folder from av scanning then it needs to be managed through config tool. if you are talking about excluding files/folder from automatic investigation then it can be done through MDE...
  • Thijs Lecomte's avatar
    Thijs Lecomte
    Bronze Contributor
    Correct, you need an additional management pane to managed MDAV
    Also to deploy MDE
    • SebastiaanR's avatar
      SebastiaanR
      Brass Contributor
      Thought so, thanks for the sanity check 🙂

Resources