Monday 7 September 2020

Using 3rd party antivirus on Windows server 2016 and 2019

If you using a 3rd party AV on Windows server 2016 or 2019 the Windows Defender Antivirus is locked in to active mode regardless of set up.

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility

The options are to use the registry key to switch it to passive mode

  • Path: HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
  • Name: ForceDefenderPassiveMode
  • Type: REG_DWORD
  • Value: 1
Or uninstall which can be done via PowerShell

No comments:

Post a Comment