Pau Lo
asked on
windows defender status.
What tools or procedures do you have in operation to monitor & report on windows defender status/levels (assuming that is what you use for an AV on end user devices). We need to get some assurance reports on AV status for all end user kit to ensure defender is running (these are all Windows 10 devices btw) and definitions last updated by statistics for all devices. Most AV apps I have seen in the past have some really useful compliance reports that can be used for audits and/or internal monitoring of compliance by the security teams who have responsibility for AV.
Out of interest, what kind of issues can occur in a corporate environment to cause defender not to be running on a device, and/or out of date in terms of signatures. I am trying to get a realistic opinion on how easy it is to get things wrong when it comes to managing defender, or whether it is a fairly painless process and likely that all devices will have the software running and be current.
Out of interest, what kind of issues can occur in a corporate environment to cause defender not to be running on a device, and/or out of date in terms of signatures. I am trying to get a realistic opinion on how easy it is to get things wrong when it comes to managing defender, or whether it is a fairly painless process and likely that all devices will have the software running and be current.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, however, recent updates sometime cause warnings for Windows Defender settings which need to be investigated and satisfied. Tamper Protection in V1903 comes to mind (some machines)
If you have System Center Configuration Manager (SCCM/ConfigMgr) in your org, then you can use that to manage Defender definitions, policies, and more. Plus, you get the ability to monitor for compliance.
On individual workstations, the Defender icon should have a green checkmark (all well) and otherwise investigate what the issues are. Windows Defender will pop up if quarantining an object.