Export (0) Print
Expand All
Expand Minimize

Set-CMAntiMalwarePolicy

Updated: September 1, 2013

Applies To: System Center 2012 Configuration Manager SP1

Set-CMAntiMalwarePolicy

Changes configuration settings for an antimalware policy for Endpoint Protection.

Syntax

Parameter Set: SetByName
Set-CMAntiMalwarePolicy -Name <String> [-Description <String> ] [-NewName <String> ] [-Priority <PriorityChangeType> {Decrease | Increase} ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetAdvancedSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-AllowUserAddExcludes <Boolean> ] [-AllowUserConfigQuarantinedFileDeletionPeriod <Boolean> ] [-AllowUserViewHistory <Boolean> ] [-CreateSystemRestorePointBeforeClean <Boolean> ] [-DeleteQuarantinedFilesPeriod <Int32> ] [-DisableClientUI <Boolean> ] [-EnableReparsePointScanning <Boolean> ] [-RandomizeScheduledScanStartTime <Boolean> ] [-ShowNotificationMessages <Boolean> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetDefaultActionSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-DefaultActionHigh <DefaultActionSevereAndHighType> {Quarantine | Recommended | Remove} ] [-DefaultActionLow <DefaultActionMediumAndLowType> {Allow | None | Quarantine | Remove} ] [-DefaultActionMedium <DefaultActionMediumAndLowType> {Allow | None | Quarantine | Remove} ] [-DefaultActionSevere <DefaultActionSevereAndHighType> {Quarantine | Recommended | Remove} ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetDefintionUpdatesSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-AuGracePeriod <Int32> ] [-DefinitionUpdateFileSharesSources <String[]> ] [-EnableSignatureUpdateCatchUpInterval <Boolean> ] [-FallbackOrder {UpdatesDistributedFromConfigurationManager | UpdatesDistributedFromMicrosoftMalwareProtectionCenter | UpdatesDistributedFromMicrosoftUpdate | UpdatesDistributedFromWsus | UpdatesFromUncFileShares}[] ] [-SignatureUpdateInterval <Int32> ] [-SignatureUpdateTime <DateTime> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetExclusionSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-ExcludedFilePaths <String[]> ] [-ExcludedFileTypes <String[]> ] [-ExcludedProcesses <String[]> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetMicrosoftActiveProtectionServiceSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-AllowUserChangeSpyNetSettings <Boolean> ] [-JoinSpyNet <JoinSpyNetType> {AdvancedMembership | BasicMembership | DoNotJoinMaps} ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetRealtimeProtectionSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-AllowClientUserConfigRealTime <Boolean> ] [-MonitorFileProgramActivity <Boolean> ] [-NetworkProtectionAgainstExploits <Boolean> ] [-RealTimeProtectionOn <Boolean> ] [-RealTimeScanOption <RealTimeScanOptionType> {ScanIncomingAndOutgoingFiles | ScanIncomingFilesOnly | ScanOutgoingFilesOnly} ] [-ScanAllDownloaded <Boolean> ] [-UseBehaviorMonitor <Boolean> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetScanSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-AllowClientUserConfigLimitCpuUsage <Boolean> ] [-ScanArchivedFiles <Boolean> ] [-ScanEmail <Boolean> ] [-ScanNetworkDrives <Boolean> ] [-ScanRemovableStorage <Boolean> ] [-ScheduledScanUserControl <ScheduledScanUserControlType> {FullControl | NoControl | ScanTimeOnly} ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetScheduledScanSettingsByName
Set-CMAntiMalwarePolicy -Name <String> [-CheckLatestDefinition <Boolean> ] [-EnableCatchUpScan <Boolean> ] [-EnableQuickDailyScan <Boolean> ] [-EnableScheduledScan <Boolean> ] [-LimitCpuUsage <Int32> ] [-ScanWhenClientNotInUse <Boolean> ] [-ScheduledScanQuickTime <DateTime> ] [-ScheduledScanTime <DateTime> ] [-ScheduledScanType <ScheduledScanType> {FullScan | None | QuickScan} ] [-ScheduledScanWeekday <ScheduledScanWeekdayType> {Daily | Friday | Monday | Saturday | Sunday | Thursday | Tuesday | Wednesday} ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SetThreatOverridesSettingsByName
Set-CMAntiMalwarePolicy -Name <String> -OverrideAction <DefaultActionMediumAndLowType> {Allow | None | Quarantine | Remove} -ThreatName <String> [-Confirm] [-WhatIf] [ <CommonParameters>]




Detailed Description

The Set-CMAntiMalwarePolicy cmdlet changes configuration settings for an antimalware policy for System Center 2012 Endpoint Protection. You can increase or decrease the priority by which an antimalware policy is applied, and you can apply an action to the security scope of an antimalware policy.

Parameters

-AllowClientUserConfigLimitCpuUsage<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AllowClientUserConfigRealTime<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AllowUserAddExcludes<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AllowUserChangeSpyNetSettings<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AllowUserConfigQuarantinedFileDeletionPeriod<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AllowUserViewHistory<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AuGracePeriod<Int32>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-CheckLatestDefinition<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-CreateSystemRestorePointBeforeClean<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DefaultActionHigh<DefaultActionSevereAndHighType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DefaultActionLow<DefaultActionMediumAndLowType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DefaultActionMedium<DefaultActionMediumAndLowType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DefaultActionSevere<DefaultActionSevereAndHighType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DefinitionUpdateFileSharesSources<String[]>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DeleteQuarantinedFilesPeriod<Int32>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Description<String>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DisableClientUI<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-EnableCatchUpScan<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-EnableQuickDailyScan<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-EnableReparsePointScanning<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-EnableScheduledScan<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-EnableSignatureUpdateCatchUpInterval<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ExcludedFilePaths<String[]>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ExcludedFileTypes<String[]>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ExcludedProcesses<String[]>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-FallbackOrder<FallbackOrderType[]>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-JoinSpyNet<JoinSpyNetType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-LimitCpuUsage<Int32>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-MonitorFileProgramActivity<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Name<String>

Specifies the name of an antimalware policy.


Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-NetworkProtectionAgainstExploits<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-NewName<String>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-OverrideAction<DefaultActionMediumAndLowType>

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Priority<PriorityChangeType>

Sets the priority of an antimalware policy. Valid values are Increase and Decrease.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-RandomizeScheduledScanStartTime<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-RealTimeProtectionOn<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-RealTimeScanOption<RealTimeScanOptionType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScanAllDownloaded<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScanArchivedFiles<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScanEmail<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScanNetworkDrives<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScanRemovableStorage<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScanWhenClientNotInUse<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScheduledScanQuickTime<DateTime>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScheduledScanTime<DateTime>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScheduledScanType<ScheduledScanType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScheduledScanUserControl<ScheduledScanUserControlType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ScheduledScanWeekday<ScheduledScanWeekdayType>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ShowNotificationMessages<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-SignatureUpdateInterval<Int32>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-SignatureUpdateTime<DateTime>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-ThreatName<String>

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-UseBehaviorMonitor<Boolean>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Confirm

Prompts you for confirmation before executing the command.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-WhatIf

Describes what would happen if you executed the command without actually executing the command.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters.

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

Examples

Example 1: Increase the priority of an antimalware policy by using name

This command increases the priority of the antimalware policy named ContosoPolicy.


PS C:\> Set-CMAntiMalwarePolicy -Priority Increase -Name "ContosoPolicy"

Example 2: Increase the priority of an antimalware policy by using ID

This command decreases the priority of the antimalware policy that has the ID 16777217.


PS C:\> Set-CMAntiMalwarePolicy -Priority Increase -ID "16777217"

Example 3: Add a membership to a security scope

This command adds membership to the security scope named CScope22 for the antimalware policy named ContosoPolicy.


PS C:\> Set-CMAntiMalwarePolicy -SecurityScopeAction "AddMembership" -SecurityScopeName "CScope22" -Name "ContosoPolicy"

Example 4: Remove membership from a security scope

This command removes membership to the security scope named CScope22 for the antimalware policy named ContosoPolicy.


PS C:\> Set-CMAntiMalwarePolicy -SecurityScopeAction RemoveMembership -SecurityScopeName "CScope22" -Name "ContosoPolicy"

Example 5: Decrease the priority of an antimalware policy by using an object variable

The first command gets an antimalware policy object that has the ID 16777217 and stores it in the $AMPobj variable.

The second command decreases the priority of the antimalware policy stored in the $AMPobj variable.


PS C:\> $AMPobj = Get-CMAntiMalwarePolicy -ID "16777217"
PS C:\> Set-CMAntiMalwarePolicy -Priority Decrease -Inputobject $AMPobj

Related topics

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft