Windows 8 comes with Windows Defender (WD) included and has no built-in manageability. WD is primarily a consumer product, like Microsoft Security Essentials (MSE) that is shipped in the box with Windows 8.
Windows Defender is NOT included with Windows Server 2012, see the table below for a supported version of a Microsoft Antimalware product.
System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEP) will always disable WD during the SCEP/FEP installation process.
FEP 2010 and SCEP RTM will not support Windows 8 or Windows Server 2012 although the support for both is scheduled to come with a future update for Configuration Manager 2007/FEP 2010 and Service Pack 1 for System Center 2012 Configuration Manager.
NOTE: Windows Defender that comes with Windows 8 includes antimalware protection!
All Microsoft Antimalware protection clients listed below will be using the same underlying technologies and offer the same level of protection:
The table below gives an overview of the supported Microsoft Antimalware Protection products.
Windows 8/Windows Server 2012
Managed with ConfigMgr 2012
SCEP / SCEP SP1
Managed with ConfigMgr 2007
FEP w/FEP Update Rollup 1 + KB2758685
FEP / FEP Update Rollup 1
Windows Defender (NOT on Windows Server 2012)
MSE / SCEP / SCEP SP1 / FEP with install switches
NOTE Please remove any Group Policies containing “Turn off Windows Defender”=Disabled before you deploy SCEP/FEP on Windows 8 clients or you will have issues with definitions not deploying properly. When editing the Windows Defender group policy, click “Turn off Windows Defender” on the right of the window, then click “Edit Policy Setting” to open the “Turn off Windows Defender” dialog box. Click the circle next to “Enabled” to disable Windows Defender.
Diana L. Smith, CISSP | Senior Support Escalation Engineer | Management and Security Division
Get the latest System Center news on Facebook and Twitter:
App-V Team blog: http://blogs.technet.com/appv/ ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/ DPM Team blog: http://blogs.technet.com/dpm/ MED-V Team blog: http://blogs.technet.com/medv/ Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/ Operations Manager Team blog: http://blogs.technet.com/momteam/ SCVMM Team blog: http://blogs.technet.com/scvmm Server App-V Team blog: http://blogs.technet.com/b/serverappv Service Manager Team blog: http://blogs.technet.com/b/servicemanager System Center Essentials Team blog: http://blogs.technet.com/b/systemcenteressentials WSUS Support Team blog: http://blogs.technet.com/sus/
The Forefront Server Protection blog: http://blogs.technet.com/b/fss/ The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/ The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/ The Forefront TMG blog: http://blogs.technet.com/b/isablog/ The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
I'd like clarification on this statement:
"Please remove any Group Policies containing “Turn off Windows Defender”=Disabled"
Does this mean that the "turn off Windows Defender" policy should be set to Enabled or Not Configured?
On my first read of the note, I took it to mean that any policies which disable Windows Defender should be removed. This would makes sense because Defender on Windows 8 is the same service/process (MsMpEng.exe) as FEP/SCEP.
Hi Kevin, that means it should be set to "Enabled." Just as an FYI there are some steps on how to do this here:
What free antivirus do you provide for Server 2012 when used as workstation? On previous version you could use MSE.
More information on Microsoft antimalware protection on Windows 8 and Windows Server 2012