Use Microsoft Intune to configure and manage Microsoft Defender Antivirus

Applies to:

• Microsoft Defender for Endpoint Plan 1
• Microsoft Defender for Endpoint Plan 2
• Microsoft Defender Antivirus

Platforms

• Windows

You can use the Microsoft Intune family of products to configure Microsoft Defender Antivirus scans, like Microsoft Intune and Configuration Manager.

Configure Microsoft Defender Antivirus scans in Intune

1. Go to the Microsoft Intune admin center (https://intune.microsoft.com), and sign in.

2. Navigate to Endpoint Security.

3. Under Manage, choose Antivirus.

4. Select your Microsoft Defender Antivirus policy.

5. Under Manage, choose Properties.

6. Next to Configuration settings, choose Edit.

   Important

   AllowIntrusionPreventionSystem antivirus settings is officially being deprecated and as such cannot be configured.

7. Expand the Scan section, and review or edit your scanning settings.

8. Choose Review + save.

Tip

Need help? See Manage endpoint security in Microsoft Intune.

Tip

If you're looking for Antivirus related information for other platforms, see:

• Set preferences for Microsoft Defender for Endpoint on macOS
• Microsoft Defender for Endpoint on Mac
• macOS Antivirus policy settings for Microsoft Defender Antivirus for Intune
• Set preferences for Microsoft Defender for Endpoint on Linux
• Microsoft Defender for Endpoint on Linux
• Configure Defender for Endpoint on Android features
• Configure Microsoft Defender for Endpoint on iOS features

Related articles

• Performance analyzer for Microsoft Defender Antivirus
• Reference articles for management and configuration tools
• Microsoft Defender Antivirus in Windows 10

Tip

Performance tip Due to a variety of factors (examples listed below) Microsoft Defender Antivirus, like other antivirus software, can cause performance issues on endpoint devices. In some cases, you might need to tune the performance of Microsoft Defender Antivirus to alleviate those performance issues. Microsoft's Performance analyzer is a PowerShell command-line tool that helps determine which files, file paths, processes, and file extensions might be causing performance issues; some examples are:

• Top paths that impact scan time
• Top files that impact scan time
• Top processes that impact scan time
• Top file extensions that impact scan time
• Combinations – for example:
  • top files per extension
  • top paths per extension
  • top processes per path
  • top scans per file
  • top scans per file per process

You can use the information gathered using Performance analyzer to better assess performance issues and apply remediation actions. See: Performance analyzer for Microsoft Defender Antivirus.

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.