Windows Defender Security Center was first introduced in Windows 10 1703.
Windows 10 1709 brings a lot of new policies and settings, and one of them is settings for Windows Defender Security Center. I first did a blog post about this back when Windows 10 1709 was still an Insider build; the original post can be found here.
When I did the original post the settings were not published in Intune, so I did it with a custom Windows 10 profile in Intune and used the OMA-URI, but now there is a profile to configure Windows Defender directly.
I will show how to hide “Family options” and leave the rest; they can also be hidden from the profile.
First create a new profile in Intune:
- Name: Windows 10 – Windows Defender Security Center
- Platform: Windows 10 and later
- Profile type: Endpoint protection
- Settings: Configure
- Windows Defender Security Center:
You have the possibility to hide/block the various areas of Windows Defender Security Center app.
In this case I will hide/block access to the family options so it is not shown in my enterprise environment.
- Family options: Hide
- Notifications from the displayed areas of the app: Block non-critical notifications
Notifications from the displayed areas of the app can be set to the following:
- Block all notifications – this will block all notifications from the app
- Block non-critical notifications – this will block all non-critical notifications from the app
You can also configure the IT contact information in the Windows Defender Security Center app.
Some of the other new settings in Windows Defender Security Center are company customization with branding and custom information (phone using Skype, email, help portal URL).
- IT contact information: Display in app and in notifications
- IT organization name: Osddeployment
- IT department phone number or Skype ID: +45 11 22 33 44
- IT department email address: servicedesk@osddeployment.dk
- IT support website URL: https://osddeployment.dk
IT contact information can be set to 3 different values:
- Display in app and in notifications
- Display only in app
- Display only in notifications
The OMA-URIs that will be deployed to the devices from Intune are:
Name: WindowsDefenderSecurityCenter/CompanyName
OMA-URI: ./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/CompanyName
Data Type: String
Value: Osddeployment
Name: WindowsDefenderSecurityCenter/Phone
OMA-URI: ./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/Phone
Data Type: String
Value: +45 11 22 33 44
Name: WindowsDefenderSecurityCenter/URL
OMA-URI: ./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/URL
Data Type: String
Value: https://osddeployment.dk
Name: WindowsDefenderSecurityCenter/DisableFamilyUI
OMA-URI: ./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/DisableFamilyUI
Data Type: Integer
Value: 1 (0 = Disable and 1 = Enable)
These settings can also be set with a GPO when using Active Directory.
What is the user experience once the policy is applied:
When we hide FamilyUI it is not shown in Windows Defender Security Center.
When we do the customization it looks like this:
Our company name is shown in the lower right corner.
When we click on the company name the rest of our customized information is shown.
How do we see if the settings are applied to the device:
In the Settings app we also get more information in Windows 10 1709.
Settings App – Account –
Policy area applied – WindowsDefenderSecurityCenter
When exporting the local policy settings we get an XML file with all the settings that are applied to the user or device.
Search for WindowsDefenderSecurityCenter and we can see all the related settings.
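The same check can be scripted on the device. This is an added example, not part of the original post: it compares the values configured above with what the MDM policy engine currently holds, assuming device-scope Policy CSP results are stored under `HKLM:\SOFTWARE\Microsoft\PolicyManager\current\device\<area>`. The function name `Test-WdscPolicy` is made up for this example.

```powershell
# Added example: verify the WindowsDefenderSecurityCenter settings from this post
# against the values currently applied on the device.
# Assumption: device-scope Policy CSP results live under the key below.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\PolicyManager\current\device\WindowsDefenderSecurityCenter'

# Expected values, taken from the profile configured in this post.
$Expected = [ordered]@{
    CompanyName     = 'Osddeployment'
    Phone           = '+45 11 22 33 44'
    URL             = 'https://osddeployment.dk'
    DisableFamilyUI = 1
}

function Test-WdscPolicy {
    param(
        [string]$Path = $PolicyKey,
        [System.Collections.IDictionary]$Want = $Expected
    )
    # The key is absent until the device has synced a policy from this area.
    if (-not (Test-Path -Path $Path)) {
        Write-Warning "No WindowsDefenderSecurityCenter policy area found at $Path"
        return
    }
    $applied = Get-ItemProperty -Path $Path
    foreach ($name in $Want.Keys) {
        $prop   = $applied.PSObject.Properties[$name]
        $actual = if ($prop) { $prop.Value } else { $null }
        # Compare as strings so the integer and string settings use one rule.
        if ($null -eq $actual) { $status = 'Missing' }
        elseif ("$actual" -eq "$($Want[$name])") { $status = 'OK' }
        else { $status = 'Mismatch' }
        [pscustomobject]@{
            Setting  = $name
            Expected = $Want[$name]
            Actual   = $actual
            Status   = $status
        }
    }
}

Test-WdscPolicy | Format-Table -AutoSize
```

Run it in an elevated PowerShell session after the device has synced with Intune; any row that is not `OK` means the profile has not been applied as configured.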
More information:
Policy CSP – WindowsDefenderSecurityCenter
Configure the notifications that appear on endpoints