System Center Endpoint Protection and Windows Defender both have a history of changes since they came out years ago. When Windows 10 came out more changes were made to Endpoint Protection and Windows Defender as we covered in a previous post. The latest Windows 10 Creators Update (1703), also bring its share of changes for Windows Defender, which then impact Endpoint Protection on the end-user side.
If you are new to System Center Endpoint Protection, see our complete guide which covers it all.
In this post, we will look at what changed for Endpoint Protection and Windows Defender in the Windows 10 Creators Update (1703).
What’s new for Endpoint Protection on Windows 10 Creators Update?
First thing first. The name! Microsoft as once again renamed Windows Defender. The new name is Windows Defender Antivirus. This is due to the rising of Advanced Threat Protection (ATP) and the idea that Windows Defender is becoming more a security suite for Windows 10.
This can be seen under Settings / Update & Security / Windows Defender. Basic information are available on this screen.
To seen each “component” of Windows Defender, Microsoft has created a Windows Defender Security Center section :
Windows Defender standalone window
The standalone window is now gone. Everything can be found in the Windows Defender Security Center
This is how it looks before Creators Update:
With Windows 10 Creators Update :
How to run a manual scan?
As stated earlier, Microsoft like to move stuff around regarding Endpoint Protection and Windows Defender. The manual scan has moved :
- To run a scan, go to in the Windows Defender Security Center / Virus & threat protection
- Quick Scan and Advanced Scan are available
- Under Advanced Scan, a new option is available : Windows Defender Offline Scan
More details about Windows Defender Offline Scan on the Technet Article
How to validate Anti-malware policies
To validate which Anti-malware policies are applied from Endpoint Protection:
- Go to Windows Defender Security Center / Settings
- Click the gear icon on the bottom
- Then click on About
- Anti-malware policies are displayed in a similar format as before
SCCM Definition Updates
Definition updates haven’t changed for the new release of Windows 10. It is still required to deploy Windows Defender Definition Update KB2267602. Also, note that the update is still in the Windows Defender product category.
What are the new features for Windows Defender on Windows 10 Creators update?
As we said at the beginning of this blog, Windows Defender is becoming a suite of Security features.
The Windows Defender Security Center include the following features on top of Windows Defender Anti-virus:
Firewall & network protection
This is a high-level view of the Firewall status. Windows Firewall with Advanced Security is still available and necessary.
Device Performance & Health
This new section provides an overview of the Windows Update, Storage Capacity, Device Drivers and Battery life.
Not much has emerged for this section so far. Status and report are automatically generated.
Warning and error will impact the display icon of Windows Defender Security Center from the system tray.
App & Browser Control
This section is the previously known SmartScreen, which is now rebranded to Windows Defender SmartScreen
It comes with 3 settings section: Check Apps & files, SmartScreen for Microsoft Edge and SmartScreen for Windows Store apps.
A fourth setting is available in Internet Explorer 11. This seems to be a standalone On/Off switch, as it doesn’t affect any settings under the App & Browser Control
This is pretty much the Parental Control but online with LiveID
Clicking on View family settings lead to this Microsoft page, which is an online service for family options.
For more details on Windows Defender in Windows 10 Creators Updates, see the Technet article
The inability to tell this new security center to stop displaying warnings to my users because I choose to manage my internal client firewalls in a way different from MS’ lone acceptable method is a show-stopper on 1703, for me. I simply can’t have a giant red X on the Defender icon in the tray for the flood of users that will call our helpdesk and I’m not willing to re-configure my environment to make it go away. Wake me when MS gives us a way to control these Defender warnings.
They need to stop treating enterprise professionals like home users. One size does not fit all in the business world.
The fact that when you install a clean install of W10 Enterprise and you are greeted with Candy Crush on the start menu means that we likely never get treated the same way again as sys admins.
Pingback: SCCM Endpoint Protection on Windows 10 Creators Update 1703 |