Thursday, October 2, 2014

Windows Defender on Windows Server Technical Preview (vNext)

By default, Windows Defender is installed on Windows Server Technical Preview (vNext). Previously, Windows Defender was included in client-side operating systems such as Windows 7 and later. This is the first time antimalware software is included in the server-side operating system.

Is Windows Defender suitable for enterprise?
Enterprises have their own criteria for selecting antimalware software for their environment. They may not consider Windows Defender, and they may modify the installation image to uninstall Windows Defender for their Standard Operating Environment (SOE). One of the reasons to uninstall Windows Defender in an enterprise environment is central management of the antimalware software. At this moment, there is no central management software to manage and monitor Windows Defender, so enterprise companies may not consider it.

Is Windows Defender suitable for SMB?
For SMB, it may be a good choice. They may not need central management software to manage the antimalware software, and they don't need to pay the additional cost of buying separate antimalware software, so SMB companies may consider using it.

Anyway, let's have a look at Windows Defender on Windows Server Technical Preview.
On Windows Server Technical Preview, we can add the GUI console to the server.

Even if we don't install "GUI for Windows Defender", we can run PowerShell cmdlets to configure Windows Defender on a Windows Server.

By running "Get-MpComputerStatus", we can check the current status of Windows Defender.

Even though it's a technical preview version of Windows, we can run "Update-MpSignature" to update to the latest virus definitions.

Remark: The virus definition can be updated through Windows Update.

To check the Windows Defender status, we can use PowerShell or check it from the "Services" console.

On TechNet Library, Microsoft listed the default exclusion paths of Windows Defender on Windows Server Technical Preview. The registry path is as follows.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths

To add or remove an exclusion path, we can run the "Add-MpPreference -ExclusionPath" and "Remove-MpPreference -ExclusionPath" PowerShell cmdlets.

Remark: We can also run "Add-MpPreference" and "Remove-MpPreference" to exclude processes and extensions.
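
The following PowerShell audit is an added example, not part of the original post. It uses the cmdlets above to check signature freshness and to flag exclusions (paths, processes, extensions) that are not in an approved list, since every exclusion is a location Windows Defender will not scan. The baseline entry, the 3-day threshold and the `$remediate` switch are assumptions made for illustration; on a real server the baseline should include the default exclusions already present on a clean install.

```powershell
# Added example. Run in an elevated PowerShell session on the server.
# Constructed baseline: exclusions this server is expected to have (sample values).
$approved = @{
    ExclusionPath      = @('D:\SQLData')
    ExclusionProcess   = @()
    ExclusionExtension = @()
}

# 1. Health check: service/engine state and signature age.
$status = Get-MpComputerStatus
$status | Format-List AMServiceEnabled, AntivirusEnabled, RealTimeProtectionEnabled,
    AntivirusSignatureVersion, AntivirusSignatureLastUpdated
$last = $status.AntivirusSignatureLastUpdated
if (-not $last -or ((Get-Date) - $last).TotalDays -gt 3) {   # assumed threshold
    Write-Warning 'Virus definitions are missing or older than 3 days; updating.'
    Update-MpSignature
}

# 2. Flag configured exclusions that are not in the baseline.
$prefs = Get-MpPreference
$findings = @(foreach ($kind in $approved.Keys) {
    foreach ($entry in @($prefs.$kind)) {
        if ($entry -and ($approved[$kind] -notcontains $entry)) {
            [pscustomobject]@{ Type = $kind; Value = $entry; Source = 'Get-MpPreference' }
        }
    }
})

# 3. Cross-check the registry key; each value name under it is an excluded path.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths'
$regPaths = @((Get-Item -Path $key -ErrorAction SilentlyContinue).Property)
$findings += @(foreach ($p in $regPaths) {
    if ($p -and ($approved.ExclusionPath -notcontains $p)) {
        [pscustomobject]@{ Type = 'ExclusionPath'; Value = $p; Source = 'Registry' }
    }
})

# 4. Report, and optionally remove what was flagged.
$remediate = $false   # assumption: report-only unless changed to $true
$findings | Format-Table -AutoSize
if ($remediate) {
    foreach ($f in $findings | Sort-Object Type, Value -Unique) {
        $params = @{}
        $params[$f.Type] = $f.Value   # Type matches the Remove-MpPreference parameter name
        Remove-MpPreference @params
    }
}
```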

For more information, please read Windows Defender Overview.

This posting is provided “AS IS” with no warranties, and confers no rights!
