[German]Does anyone use Windows Defender on Windows 10 in an enterprise environment? Then assure that Windows Defender can connect to various cloud services. Otherwise 'Defender cloud protection' is not ensured.
Recently I published the article Windows 7 Defender won't receive updates (June 2018), addressing issues with Windows 7 Defender, which doesn't receive updates anymore. Either module updates have killed the Defender or there is a server-side problem at Microsoft. This question is unanswered, although this is currently not a big problem under Windows 7 – no one will just rely on Windows Defender, but use a separate antivirus solution.
Under Windows 10, however, Microsoft positions Windows Defender as a complete antivirus solution. And especially in the enterprise environment, Microsoft offers very good protection with Windows Defender Advanced Thread Protection (ATP) and cloud services – provided everything is set up correctly.
Does the Firewall blocks Windows Defender Cloud access?
In corporate networks, outgoing connections are often limited via a firewall. This may prevent Windows Defender from accessing the cloud to detect threats or the servers to download new signatures. Recently I became aware of this topic via Twitter.
Is your Windows Defender/SCEP missing detections?
Are you behind a corporate firewall?
Your network team may have broken Defender cloud protection connections as part of an overbroad Windows Update block. This happens! You should test. https://t.co/MDQaT0x23S
— SwiftOnSecurity (@SwiftOnSecurity) 30. Juni 2018
Microsoft has published End of April 2018 the article Configure and validate network connections for Windows Defender Antivirus. This article discusses how to set up the enterprise firewall so that the 'Windows Defender Antivirus Cloud-delivered Protection', also known as Microsoft Advanced Protection Service (MAPS), works.
In my opinion, the URLs of websites that Windows Defender needs to be able to contact in order for Microsoft Advanced Protection Service (MAPS) to work are of particular interest.
Whether the function is available and how to activate it can be found on the Windows Active Defense website under 'Cloud-delivered protection'.
Windows Defender reports Trojans as false positives
Windows Defender extension for Google Chrome
Windows 7/8.1 receiving Windows Defender ATP support
Windows 10 V 1703: How to disable Windows Defender in Security Center
Cookies helps to fund this blog: Cookie settings