Defender device policy

Windows Defender is malware protection included with Windows 10. You can use the XenMobile device policy, Defender, to configure the Microsoft Defender policy for Windows 10 for desktop and tablet.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

Windows Desktop and Tablet settings


  • Allows scanning of archives: Allows or disallows Defender to scan archived files. Defaults to Off.
  • Allows cloud protection: Allows or disallows Defender to send information to Microsoft about malware activity. Defaults to On.
  • Allows a full scan of removable drives: Allows or disallows Defender to scan removable drives such as USB sticks. Defaults to On.
  • Allows Windows Defender Real-time Monitoring functionality: Defaults to On.
  • Allows scanning of network files: Allows or disallows Defender to scan network files. Defaults to On.
  • Allows user access to the Windows Defender UI: Specifies whether users can access the Windows Defender user interface. This setting takes effect the next time the user device starts. If this setting is Off, users don’t receive any Windows Defender notifications. Defaults to On.
  • Excluded extensions: The extensions to exclude from real-time or scheduled scans. To separate extensions, use the | character. For example, “lib|obj”.
  • Excluded paths: The paths to exclude from real-time or scheduled scans. To separate paths, use the | character. For example, “C:\Example|C:\Example1”.
  • Excluded processes: The processes to exclude from real-time or scheduled scans. To separate processes, use the | character. For example, “C:\Example.exe|C:\Example1.exe”.
  • Submit samples consent: Controls whether files that might require further analysis to determine if they are malicious are sent to Microsoft. Options: Always prompt, Send safe samples, Never send, Send all samples. Defaults to Send safe samples.
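
To confirm what a managed device actually ended up with, the following added example (not part of the XenMobile documentation) compares the device's effective Defender preferences with the defaults listed above and lists every configured exclusion for review. It assumes the policy settings surface under the `Get-MpPreference` property names shown, and that it runs in an elevated PowerShell session on the device.

```powershell
# Added example: audit effective Defender settings against the defaults on this page.
# Assumption: each policy setting maps to the Get-MpPreference property named here.
$pref = Get-MpPreference

# Expected values are the page's defaults, expressed as Get-MpPreference values.
$expected = [ordered]@{
    DisableArchiveScanning        = $true   # Allows scanning of archives: Off
    DisableRemovableDriveScanning = $false  # Allows a full scan of removable drives: On
    DisableRealtimeMonitoring     = $false  # Real-time Monitoring: On
    DisableScanningNetworkFiles   = $false  # Allows scanning of network files: On
    UILockdown                    = $false  # Allows user access to the Defender UI: On
    SubmitSamplesConsent          = 1       # 1 = Send safe samples
}

$report = @(foreach ($name in $expected.Keys) {
    [pscustomobject]@{
        Setting  = $name
        Expected = $expected[$name]
        Actual   = $pref.$name
        Match    = ($pref.$name -eq $expected[$name])
    }
})

# Cloud protection: MAPSReporting is 0 when disabled, non-zero when enabled.
$report += [pscustomobject]@{
    Setting  = 'MAPSReporting'
    Expected = 'non-zero'
    Actual   = $pref.MAPSReporting
    Match    = ($pref.MAPSReporting -ne 0)
}

# Exclusions are not scanned at all, so list each one for manual review.
$exclusions = @(foreach ($kind in 'ExclusionExtension', 'ExclusionPath', 'ExclusionProcess') {
    foreach ($value in @($pref.$kind)) {
        if ($value) { [pscustomobject]@{ Kind = $kind; Value = $value } }
    }
})

$report | Format-Table -AutoSize
if ($exclusions.Count -gt 0) {
    $exclusions | Format-Table -AutoSize
} else {
    'No exclusions configured.'
}
```

If your policy deliberately differs from the defaults, change the values in `$expected` to match what you deployed.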
