Defender Profile

Defender Profile encapsulates specifications that protect your system by regulating system scans, protecting from network level threats, and configuring real-time monitoring. You can configure the Defender parameters by creating a profile and associating the profile to the devices or groups.

Profile Description

Profile Specification Description
Scan Archives Configure it to scan archived files for malicious software and/or unwanted software.
Behavior Monitoring This option allows you to observe and analyze the activities and actions of applications and processes running on a Windows system.
Cloud Protection Configure Microsoft MAPS for cloud-delivered protection against malware on your endpoints.
Scan Email Scan legacy email media files like MBX, DBX, MIME for detecting threats.
Scan Mapped Network Drives Scan for network drives that are mapped system level for viruses or other threats. User-level mapped network drives are not scanned.
Scan Removable Drives Scan removable drives to detect malware or viruses in files.
Intrusion Prevention System Configure IPS to provide network-level security from network exploits, and other malicious content by blocking any suspicious activity.
Input/Output file protection This option lets you check for scanning for all downloaded files and attachments.
Cloud Protection Level Configure the intensity level for Cloud Protection configuration.
  • Not Configured (default)
  • High
  • High Plus
  • Zero Tolerance
On Access Protection Configure URL authorization rules and built-in request filtering to protect web servers from malicious requests and unauthorized access.
Scan Network files Configure real-time scanning for files accessed over the network for malware and viruses.
Real-time Monitoring This option lets you configure real-time monitoring to identify malware based on known suspicious and malicious activities.
Scan Scripts Configure scan for malicious scripts and vulnerabilities.
User Interface Lockdown This option lets you configure whether to lockdown the Defenders' user interface.
Signature update pre-scan This option allows you to manage whether a check for new viruses and spyware security intelligence will occur before running a scan.
Potentially Unwanted Applications (PUA) Protection Configure detection for potentially unwanted applications that could impact the performance of your system, by displaying ads, running slowly, or installing child applications.
Monitor and Scan This option lets you configure to determine which NTFS file and program activity is monitored.
Scheduled Scan Type Specify the scan type, Quick/Full, to use during the scheduled scan.
Network Protection This option lets you switch from real-time inspection to asynchronous inspection of the network protection to improve performance.
CPU Throttle on scheduled scan This option indicates whether the CPU will be throttled for the scheduled scans.
Network Protection Telemetry This option allows you to configure the gathering and sending of performance telemetry from Network Protection, to report telemetry to the Microsoft Defender.
File Hash Computation This option lets you compute hash values for files as they are scanned.
Hide Exclusions from Local Admins This option allows you to configure whether exclusions are visible to local admins.
Hide Exclusions from Local Users This option allows you to configure whether exclusions are visible to local users.