Only Forward: Using 3rd party antivirus on Windows server 2016 and 2019

Monday 7 September 2020

Using 3rd party antivirus on Windows server 2016 and 2019

If you using a 3rd party AV on Windows server 2016 or 2019 the Windows Defender Antivirus is locked in to active mode regardless of set up.

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility

The options are to use the registry key to switch it to passive mode

Path: HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
Name: ForceDefenderPassiveMode
Type: REG_DWORD
Value: 1

Or uninstall which can be done via PowerShell

Uninstall-WindowsFeature -Name Windows-Defender
Uninstall-WindowsFeature -Name Windows-Defender-GUI

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016#need-to-uninstall-microsoft-defender-antivirus

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)