Windows Defender Agent Preferences
Modifying Windows Defender preferences on a Windows PC can help tailor the security settings to better meet your specific needs and usage patterns. Here are some general reasons for making these adjustments:
- Enhanced Security: Adjusting settings like real-time protection, controlled folder access, and cloud-delivered protection can provide stronger defenses against malware, ransomware, and other threats.
- Performance Optimization: Customizing scan schedules, CPU usage, and exclusions can help balance security with system performance, ensuring that scans don’t interfere with your work.
- Compatibility: Modifying preferences can help avoid conflicts with other software or network configurations, ensuring smooth operation of all applications.
- User Convenience: Tailoring notifications and automatic actions can reduce interruptions and make the security experience more user-friendly.
- Compliance: Adjusting settings to meet specific organizational or regulatory requirements can ensure that your system adheres to necessary security standards.
By customizing these preferences, you can create a security setup that is both robust and aligned with your unique needs.
Preference Options
RMMmax can configure the preferences for Windows Defender scans and updates. Select the options you would like to enable or disable and save the preferences for the agent. RMMmax will reach out to your RMM and request that the agent update it’s preferences.
- Allow Datagram Processing on Windows Server: Enables datagram processing for network protection on Windows Server.
- Allow Network Protection Down Level: Allows network protection on older versions of Windows.
- Allow Network Protection on Windows Server: Enables network protection on Windows Server.
- Check For Signatures Before Running Scan: Ensures the latest virus definitions are used before running a scan.
- Disable Catchup Full Scan: Prevents full scans from running if they were missed.
- Definition Updates Channel: Specifies the source for definition updates (e.g., Microsoft Update, WSUS).
- Disable Archive Scanning: Prevents scanning of archive files like .zip or .rar.
- Disable Auto Exclusions: Disables automatic exclusions based on server roles.
- Disable Behavior Monitoring: Turns off real-time monitoring of application behavior.
- Disable Block at First Seen: Disables blocking of files the first time they are seen.
- Disable Catchup Quick Scan: Prevents quick scans from running if they were missed.
- Disable CPU Throttle on Idle Scans: Disables CPU throttling during idle scans.
- Disable Datagram Processing: Disables datagram processing for network protection.
- Disable DNS Over TCP Parsing: Disables parsing of DNS over TCP traffic.
- Disable DNS Parsing: Disables parsing of DNS traffic.
- Disable Email Scanning: Prevents scanning of email messages.
- Disable FTP Parsing: Disables parsing of FTP traffic.
- Disable Gradual Release: Disables gradual rollout of updates.
- Disable HTTP Parsing: Disables parsing of HTTP traffic.
- Disable Inbound Connection Filtering: Disables filtering of inbound network connections.
- Disable Intrusion Prevention System: Turns off the intrusion prevention system.
- Disable IO AV Protection: Disables input/output antivirus protection.
- Disable Network Protection Perf Telemetry: Disables performance telemetry for network protection.
- Disable Privacy Mode: Disables privacy mode, which limits data collection.
- Disable RDP Parsing: Disables parsing of Remote Desktop Protocol traffic.
- Disable Realtime Monitoring: Turns off real-time protection.
- Disable Removable Drive Scanning: Prevents scanning of removable drives.
- Disable Restore Point: Disables the creation of system restore points.
- Disable Scanning Mapped Network Drives for Full Scan: Prevents full scans of mapped network drives.
- Disable Scanning Network Files: Prevents scanning of network files.
- Disable Script Scanning: Disables scanning of scripts.
- Disable SSH Parsing: Disables parsing of SSH traffic.
- Disable TLS Parsing: Disables parsing of TLS traffic.
- Enable Controlled Folder Access: Protects folders from unauthorized changes.
- Enable File Hash Computation: Enables computation of file hashes for security.
- Enable Full Scan on Battery Power: Allows full scans to run on battery power.
- Enable Low CPU Priority: Runs scans with low CPU priority.
- Enable Network Protection: Enables network protection to block malicious sites.
- Enable DNS Sinkhole: Redirects malicious DNS queries to a safe IP.
- Force Use Proxy Only: Forces the use of a proxy server for updates.
- Metered Connection Updates: Allows updates over metered connection.
- Randomize Schedule Task Times: Randomizes the start times of scheduled tasks.
- Scan Avg CPU Load Factor: Sets the average CPU load factor for scans.
- Scan Only If Idle Enabled: Runs scans only when the system is idle.
- Signature Disable Update on Startup Without Engine: Prevents signature updates without the engine.
- Throttle For Scheduled Scan Only: Limits CPU usage only for scheduled scans.
- UI Lockdown: Locks down the user interface to prevent changes.
- Allow Switch to Async Inspection: Allows switching to asynchronous inspection.
- Disable TDT Feature: Disables the Threat Detection Technology feature.
- Report Dynamic Signature Dropped Event: Reports events when dynamic signatures are dropped.