Forefront Endpoint Protection Blog

All the latest news and information on Forefront Client Security, Forefront Endpoint Protection and System Center Endpoint Protection 2012

More information on Microsoft antimalware protection on Windows 8 and Windows Server 2012

More information on Microsoft antimalware protection on Windows 8 and Windows Server 2012

  • Comments 4
  • Likes

securityIconWindows 8 comes with Windows Defender (WD) included and has no built-in manageability. WD is primarily a consumer product, like Microsoft Security Essentials (MSE) that is shipped in the box with Windows 8.

Windows Defender is NOT included with Windows Server 2012, see the table below for a supported version of a Microsoft Antimalware product.

System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEP) will always disable WD during the SCEP/FEP installation process.

FEP 2010 and SCEP RTM will not support Windows 8 or Windows Server 2012 although the support for both is scheduled to come with a future update for Configuration Manager 2007/FEP 2010 and Service Pack 1 for System Center 2012 Configuration Manager.

NOTE:  Windows Defender that comes with Windows 8 includes antimalware protection!

All Microsoft Antimalware protection clients listed below will be using the same underlying technologies and offer the same level of protection:

  • SCEP SP1
  • FEP with Update Rollup 1 + future update
  • Windows Defender included with Windows 8
  • MSE

The table below gives an overview of the supported Microsoft Antimalware Protection products.

 

Windows 8/Windows Server 2012

Pre-Windows 8

Managed with ConfigMgr 2012

SCEP SP1

SCEP / SCEP SP1

Managed with ConfigMgr 2007

FEP w/FEP Update Rollup 1 + KB2758685

FEP / FEP Update Rollup 1

Unmanaged

Windows Defender (NOT on Windows Server 2012)

MSE / SCEP / SCEP SP1 / FEP with install switches

NOTE Please remove any Group Policies containing “Turn off Windows Defender”=Disabled before you deploy SCEP/FEP on Windows 8 clients or you will have issues with definitions not deploying properly. When editing the Windows Defender group policy, click “Turn off Windows Defender” on the right of the window, then click “Edit Policy Setting” to open the “Turn off Windows Defender” dialog box. Click the circle next to “Enabled” to disable Windows Defender.

Diana L. Smith, CISSP | Senior Support Escalation Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

clip_image001 clip_image002

App-V Team blog: http://blogs.technet.com/appv/
ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/
DPM Team blog: http://blogs.technet.com/dpm/
MED-V Team blog: http://blogs.technet.com/medv/
Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
Operations Manager Team blog: http://blogs.technet.com/momteam/
SCVMM Team blog: http://blogs.technet.com/scvmm
Server App-V Team blog: http://blogs.technet.com/b/serverappv
Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center Essentials Team blog: http://blogs.technet.com/b/systemcenteressentials
WSUS Support Team blog: http://blogs.technet.com/sus/

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

Comments
  • I'd like clarification on this statement:

    "Please remove any Group Policies containing “Turn off Windows Defender”=Disabled"

    Does this mean that the "turn off Windows Defender" policy should be set to Enabled or Not Configured?

    On my first read of the note, I took it to mean that any policies which disable Windows Defender should be removed. This would makes sense because Defender on Windows 8 is the same service/process (MsMpEng.exe) as FEP/SCEP.

    Thanks

  • Hi Kevin, that means it should be set to "Enabled." Just as an FYI there are some steps on how to do this here: www.ehow.com/how_6834770_disable-windows-defender-group-policy.html

  • What free antivirus do you provide for Server 2012 when used as workstation? On previous version you could use MSE.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment