In Windows 1703 – Windows Defender Security Center was first introduces.

 

 

In Windows 10 1709 there is a lot of new policies and settings and one of them is settings for Windows Defender Security Center. I first did a blogpost about this back when Windows 10 1709 still was a insider build, the original post can be found here.

When I did the original post the settings was not published in Intune – so I did in with a custom Windows 10 profile in Intune – and used the OMA-URI, but now there is a profile directly to configure Windows Defender.

Windows 10 - Configure WindowsDefenderSecurityCenter - UX 00

I will show how to hide “Family options”  and leave the rest ‘ they can also be hidden from the profile.

First create a new profile in intune:

  1. Name: Windows 10 – Windows Defender Security Center
  2. Platform: Windows 10 and later
  3. Profile Type :Endpoint protection
  4. Settings: Configure
  5. Windows Defender Security Center: 

Windows 10 - Configure WindowsDefenderSecurityCenter - 21.png

You have the possibility to hide/block the various areas of Windows Defender Security Center app.

Windows 10 - Configure WindowsDefenderSecurityCenter - 22.png

In this case I will hide/block access to the family options so it is not shown in my enterprise environment.

Windows 10 - Configure WindowsDefenderSecurityCenter - 23

  1. Family options: Hide
  2. Notifications from the displayed areas of the app: Block non-critical notifications

Notifications from the displayed areas of app can be set to the following:

Block all notifications – this will block all notifications from the app

Block non-critical notifications – this will block all non-critical notifications from the app

You can configure the IT contact information in Windows Defender Security Center app

Windows 10 - Configure WindowsDefenderSecurityCenter - 24.png

Some of the other new settings in Windows Defender Security Center is company customization with branding and custom information, (Phone using Skype, Email, Help portal URL) in Windows Defender Security Center. 

Windows 10 - Configure WindowsDefenderSecurityCenter - 25

  1. IT contact information: Display in app and in notifications
  2. IT organization name: Osddeployment
  3. IT department phone number or Skype ID: +45 11 22 33 44
  4. IT department email address: servicedesk@osddeployment.dk
  5. IT support website URL: https://osddeployment.dk

IT contact information can be set to 3 different values:

  • Display in app and in notifications
  • Display only in app
  • Display only in notifications

The OMA-URI that will be deployed to the devices from Intune is:

Name:
WindowsDefenderSecurityCenter/CompanyName
OMA-URI:
./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/CompanyName
Data Type:
String
Value:
Osddeployment

Name:
WindowsDefenderSecurityCenter/Phone
OMA-URI:
./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/Phone
Data Type:
String
Value:
+45 11 22 33 44

Name:
WindowsDefenderSecurityCenter/URL
OMA-URI:
./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/URL
Data Type:
String
Value:
https://osddeployment.dk
./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/DisableFamilyUI
Data Type:
Integer
Value:
1 (0 = Disable and 1 = Enable)


This settings can also be set with a GPO when using Active Directory

GPO


How it the user experience when we start doing the policy:

When we hide FamilyUI it is not showed in Windows Defender Security Center

Windows 10 - Configure WindowsDefenderSecurityCenter - UX 01

When we do the customization it look like this:

Our company name is showed in the right lower corner

Windows 10 - Configure WindowsDefenderSecurityCenter - UX 02

When we click on the company name the rest of our customize information is showed.

Windows 10 - Configure WindowsDefenderSecurityCenter - UX 03

 


How do we see if the settings are applied to the device:

In the settings apps we are also getting more information in Windows 1709

Settings App – Account –

Policy area applied – WindowsDefenderSecurityCenter

Windows 10 - Configure WindowsDefenderSecurityCenter - 11a

When exporting the local policy settings we get a XML file with all the settings that are applied to the user or device.

Search for WindowsDefenderSecurityCenter then we can see all the related settings

Windows 10 - Configure WindowsDefenderSecurityCenter - 11


More information :

Policy CSP – WindowsDefenderSecurityCenter

Configure the notifications that appear on endpoints