Table of contents
Collapse the table of content
Expand the table of content

Windows Defender Antivirus in Windows 10

Iaan|Last Updated: 4/5/2017

Applies to

  • Windows 10

Windows Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers.

This library of documentation is aimed for enterprise security administrators who are either considering deployment, or have already deployed and are wanting to manage and configure Windows Defender AV on PC endpoints in their network.

For more important information about running Windows Defender on a server platform, see Windows Defender Overview for Windows Server.

Windows Defender AV can be managed with:

  • System Center Configuration Manager (as System Center Endpoint Protection, or SCEP)
  • Microsoft Intune

It can be configured with:

  • System Center Configuration Manager (as System Center Endpoint Protection, or SCEP)
  • Microsoft Intune
  • PowerShell
  • Windows Management Instrumentation (WMI)
  • Group Policy

Some of the highlights of Windows Defender AV include:

What's new in Windows 10, version 1703

New features for Windows Defender AV in Windows 10, version 1703 include:

We've expanded this documentation library to cover end-to-end deployment, management, and configuration for Windows Defender AV, and we've added some new guides that can help with evaluating and deploying Windows Defender AV in certain scenarios:

See the In this library list at the end of this topic for links to each of the updated sections in this library.

Minimum system requirements

Windows Defender has the same hardware requirements as Windows 10. For more information, see:

Some features require a certain version of Windows 10 - the minimum version required is specified at the top of each topic.

Functionality, configuration, and management is largely the same when using Windows Defender Antivirus on Windows Server 2016, however there are some differences.

In this library

Evaluate Windows Defender Antivirus protectionEvaluate the protection capabilities of Windows Defender Antivirus with a specialized evaluation guide and PowerShell script
Deploy, manage updates, and report on Windows Defender AntivirusWhile traditional client deployment is not required for Windows Defender AV, you will need to enable the service. You can also manage how protection and product updates are applies, and receive reports from Configuration Manager, Intune, and with some security information and event monitoring (SIEM) tools
Configure Windows Defender featuresWindows Defender AV has a large set of configurable features and options. You can configure options such as cloud-delivered protection, always-on monitoring and scanning, and how end-users can interact or override global policy settings
Customize, initiate, and review the results of scans and remediationYou can set up scheduled scans, run on-demand scans, and configure how remediation works when threats are detected
Troubleshoot Windows Defender in Windows 10Review event IDs and error codes in Windows Defender Antivirus to determine causes of problems and troubleshoot issues
Reference topics for management and configuration toolsThe management and configuration tools that you can use with Windows Defender AV are listed and described here
© 2017 Microsoft