Forum Discussion
Disabling Windows Defender Security Center in Enterprise (1703)
- Jun 21, 2017
Hi,
A few answers :-)
Let's start with - we do NOT support any manual changes to the registry, so those changes are not documented and not supported.
The GPO setting you set is supported, but all that does is disable Windows Defender antivirus, which would have already been disabled as you are using Symanten Endpoint Protection. Windows 10 only allows you to run 1 antivirus in real time protection at a time.
We know it's a bit complicated, and we are working in the Fall's Creators Update to make it better - but there are actually two things you see:
1. Windows Defender Security Center (WDSC) which has an overview of a lot of built-in Windows safety features (AV, Firewall, Device performance). So it's relevant even if you use SEP for AV. We currently do not support disabling this UI, but we have heard this feedback and are working on this (though no commitment/timeframe).
2. Windows Defender Antivirus. What you knew before simply as "Windows Defender". That, you can disable via GPO ( You can read more: https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus )
Hope that helps,
Amitai
So, what registry changes will prevent this nuisance icon from appearing?
- Mattias BorgJul 05, 2018Brass Contributor
Just a question because I'm interrested:
What's the reason for the choice of 3rd party AV?
Customers I get in to contact with to discuss client security usually provide the answer "we've always done that".
Could be other reasons like our sourcing partner require us to use that etc.
I'm not in the discussion to argue about different solutions, I'm just interrested in the reasons.
AV/antimalware is just a small piece of the client security and I would say it's almost dead. You need it, but it won't protect you that much.
A common way of attacks today are fileless attacks and most AV solutions can't detect that so there are other configurations to be done besides installing an AV.
I usually recommend customers to go for what's included and configure the other security features in the operatingsystem like UEFI + Secure boot, application Control, CFA, credential guard, ASR, Exploit guard etc.