System Center Endpoint Protection on the following down-level devices:
Windows Server 2012 R2
Windows 8.1
Windows Server 2012
Windows 8
Windows Server 2008 R2 SP1
Windows 7 SP1
Windows Server 2008 SP2
Windows Vista
You may have a number of down-level or legacy Windows devices that are enabled with Endpoint Protection—but are outside of your Configuration Manager hierarchy. For example, devices in a demilitarized zone or devices that are integrated through mergers and acquisitions.
You can manage Endpoint Protection on such devices using Group Policy settings, as described below:
On a down-level Windows device that is managed by Endpoint Protection, copy the Endpoint Protection policy definition files.
Go to C:\Program Files\Microsoft Security Client\Admx.
Compress the following files into a zip file, for example SCEP_admx.zip:
EndPointProtection.adml
EndPointProtection.admx
Copy the zip file into a temporary folder. For example, C:\temp_SCEP_GPO_admx.
Extract the file.
Note
The registry keys to configure Endpoint Protection policy settings are located in HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Microsoft Antimalware.
Load Endpoint Protection Group Policy settings into a Central Store on a domain controller
Go to the folder where you extracted the Endpoint Protection policy definition files.
Copy the .admx and .adml files into the PolicyDefinitions folder on the domain controller:
Copy EndPointProtection.admx into \\<forest.root>\SYSVOL\<domain>\Policies\PolicyDefinitions.
Copy EndPointProtection.adml into \\<forest.root>\SYSVOL\<domain>\Policies\PolicyDefinitions\en-US.
For example:
Copy EndPointProtection.admx into \\DC\SYSVOL\contoso.com\Policies\PolicyDefinitions.
Copy EndPointProtection.adml into \\DC\SYSVOL\contoso.com\Policies\PolicyDefinitions\en-US.
where DC is the name of your Domain Controller and contoso.com is your domain.
Open the Group Policy Management Console and create a new Group Policy Object (GPO) in your domain, for example Endpoint Protection.
Right-click the GPO for Endpoint Protection and click Edit.
In the Group Policy Management Editor, go to Computer Configuration > Policies > Administrative Templates: Policy definitions > Windows Components > Endpoint Protection.
The list of Endpoint Protection Group Policies is displayed.
Expand the section that contains the setting you want to configure, double-click the setting to open it, and make configuration changes.
Load Endpoint Protection Group Policy settings into your local device
Instead of using a Central Store to load the Endpoint Protection policy definitions, you can store them locally on your device.
Go to the folder where you extracted the Endpoint Protection policy definition files.
Copy the .admx and .adml files into your local PolicyDefinitions folder.
Copy EndPointProtection.admx into %SystemRoot%\PolicyDefinitions.
Copy EndPointProtection.adml into %SystemRoot%\PolicyDefinitions\en-US.
For example:
Copy EndPointProtection.admx into C:\Windows\PolicyDefinitions.
Copy EndPointProtection.adml into C:\Windows\PolicyDefinitions\en-US.
Open Local Group Policy Editor.
Go to Computer Configuration > Administrative Templates > Windows Components > Endpoint Protection.
The list of Endpoint Protection Group Policies is displayed.
Expand the section that contains the setting you want to configure, double-click the setting to open it, and make configuration changes.
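The copy steps of both procedures above, scripted as an added PowerShell example (not Microsoft's code): it copies the two template files, verifies each copy by SHA-256, and lists the policy registry key named in the note. It assumes PowerShell 4.0 or later for Get-FileHash; the parameter names are hypothetical and the default paths are the examples used on this page.

```powershell
# Added example. Run elevated for the local store, or with write access to
# SYSVOL for the Central Store.
param(
    # Folder where SCEP_admx.zip was extracted (example path from the steps).
    [string]$Source = 'C:\temp_SCEP_GPO_admx',
    # Local store by default. For the Central Store pass, for example,
    # '\\DC\SYSVOL\contoso.com\Policies\PolicyDefinitions'.
    [string]$PolicyDefinitions = (Join-Path $env:SystemRoot 'PolicyDefinitions'),
    [string]$Language = 'en-US'
)
$ErrorActionPreference = 'Stop'

# Map each template file to the folder it belongs in.
$plan = @(
    @{ File = 'EndPointProtection.admx'; Dest = $PolicyDefinitions },
    @{ File = 'EndPointProtection.adml'; Dest = (Join-Path $PolicyDefinitions $Language) }
)

foreach ($item in $plan) {
    $src = Join-Path $Source $item.File
    if (-not (Test-Path -LiteralPath $src -PathType Leaf)) {
        throw "Missing template file: $src"
    }
    if (-not (Test-Path -LiteralPath $item.Dest -PathType Container)) {
        throw "Destination folder not found: $($item.Dest)"
    }
    $dst = Join-Path $item.Dest $item.File
    Copy-Item -LiteralPath $src -Destination $dst -Force

    # Confirm the copy is byte-identical to the extracted file.
    $h1 = (Get-FileHash -LiteralPath $src -Algorithm SHA256).Hash
    $h2 = (Get-FileHash -LiteralPath $dst -Algorithm SHA256).Hash
    if ($h1 -ne $h2) { throw "Hash mismatch after copy: $dst" }
    '{0} -> {1} (SHA256 {2})' -f $item.File, $dst, $h2
}

# Once a GPO has been configured and applied, its values appear under this
# key. Listing them shows which settings actually took effect on the device.
$key = 'HKLM:\Software\Policies\Microsoft\Microsoft Antimalware'
if (Test-Path -LiteralPath $key) {
    Get-ItemProperty -LiteralPath $key
    Get-ChildItem -LiteralPath $key -Recurse | Select-Object -ExpandProperty Name
} else {
    "No policy values under $key yet."
}
```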