New management capabilities for Microsoft Defender Antivirus in Microsoft 365 Business Premium

Published Sep 22 2020 07:58 AM 13.5K Views

Protecting the computers in your organization against viruses and malware is an important piece of any security strategy – one that applies whether your business is small or large. With a Microsoft 365 Business Premium subscription, you can enforce Microsoft Defender Antivirus on your PCs to provide robust antimalware protection.  It works deep inside Windows OS to protect against threats in an unobtrusive way. 


You’ve told us that you would like more visibility and control into the ways that Microsoft Defender is protecting the devices in your small and medium-sized business.  So today, we’re pleased to announce that we’re adding management capabilities for Defender Antivirus in the Business Premium subscription plan.  


These new antivirus management capabilities will start rolling out next quarter and will appear in the Microsoft 365 admin center. Let’s take a closer look at what’s coming.


Stay on top of active threats

From the new Active Threats page in the Microsoft 365 admin center, you will be able to view active threats in your environment, understand which users and devices are affected by them, which of these were blocked or quarantined, and where a review is needed.


This will enable you to better understand the threats that Defender Antivirus is mitigating – including threat type, severity level, impact on users and devices, and detailed information on it from Microsoft Threat intelligence – so you may focus your time and resources on the most critical risks.



View a list of all active threats and impacted devices at your business


Keep track of protected devices

With the new Active Devices page, you will have one place to see which devices in your business are running Microsoft Defender Antivirus, if those are up to date, if they have any active threats, and where action is needed – such as a reboot, required update, or overdue scan. 


This will enable you to see an overview of the protection state of your devices without the time-consuming effort of going to each PC to know if the device is protected, and if it needs an action. 



See a list of all devices protected by Defender Antivirus and their state


Get started from the Microsoft 365 admin center

These new management capabilities will work for ‎Windows 10‎ devices in your organization that are enrolled in ‎Microsoft Intune with a Microsoft 365 Business Premium subscription plan‎.


To see a demo of the new antivirus management capabilities coming to Business, Premium and how you can easily enforce Microsoft Defender Antivirus is turned on to protect your PCs, watch the following the video:


Once these are rolled out, the new capabilities will appear in the Microsoft 365 admin center. You will be able to add a new card on the admin center homepage to see a quick overview of active threats and protected devices in your business.


Note: Antivirus management is already available to enterprise customers as part of Microsoft Defender Advanced Threat Protection in the Microsoft 365 Enterprise E5 plan.


We’ll be rolling these capabilities next quarter, and are eager for you to put them to work to secure the devices in your organization.  If you have questions about the upcoming capabilities, or feedback for the team, let us know here in the SMB Tech Community.


Senior Member

This isn't the full ATP suite, just reporting on Defender AV section, correct?


@tratz1210 yes you're correct, we adding management and reporting on Microsoft Defender Antivirus, not the full capabilities of Microsoft Defender ATP, to Microsoft 365 Business Premium.

PS: Microsoft Defender ATP is available separately as an add-on or as part of the Microsoft 365 Enterprise E5 plan. 

Regular Contributor

Thank you for the clarification, very good news! 

Occasional Visitor

Is this enabling Endpoint Manager Security Baselines? Should I see this in Endpoint Manager Admin Center? TIA


@eckspeck It is not. This is a minimum set of policies that have been defined for the SMB space.

Occasional Contributor

@Vivek Kumar Great post plus excellent video. I was able to follow the demo and get the management capabilities for MDA activated. It was announced that the card would be available for the admin center in the next quarter. It is 18 dec now, but the card is not visible yet. Shifted to jan 2021? 


Noticed this functionality still hasn't been rolled out yet. Any feedback on when we could expect these great new features in the admin portal?

New Contributor

Hello All!


With the announcement of Microsoft Defender for Endpoint Plan 1 and its inclusion in Microsoft 365 E3 / A3, would it be possible for you to detail the differences between Defender for Endpoint Plan 1 and the management capabilities that Microsoft 365 Business Premium has for Windows Defender?


Frequent Visitor

@Vivek Kumar an answer to @davidpr  question would be very interesting.


A second question:

If the customer still uses a server on-premises, he can only use Defender for Server if he has more than 50 licenses (for Defender for Endpoint Plan 2 or bundles which includes it). As it stands, the Business Premium is not one of them, so he is not able to buy a license for Defender for Server?



Version history
Last update:
‎Sep 22 2020 12:11 AM
Updated by: