Specify content excluded from being scanned by full file path. Specify content excluded from being scanned by type. (Exclusions are specified as an array of items, administrator can specify as many elements as necessary, in any order.)
Exclusions can be specified by full paths, extensions, or file names. Specify entities excluded from being scanned.
This setting can be used to restrict local users from defining their own exclusions.Īvailable in Microsoft Defender for Endpoint version 100.83.73 or higher. This can be a combination of administrator-defined and user-defined exclusions ( merge) or only administrator-defined exclusions ( admin_only). Allowed values are integers between 1 and 64. This corresponds to the number of threads used to perform the scan and impacts the CPU usage, as well as the duration of the on-demand scan.Ģ (default). Specifies the degree of parallelism for on-demand scans. Specifies whether to scan archives during on-demand antivirus scans.ĭegree of parallelism for on-demand scans Scan archives (on-demand antivirus scans only) Enabling this setting will trigger an antivirus scan on the running processes of the device.Īvailable in Microsoft Defender for Endpoint version 101.41.10 or higher. Specifies whether to start a process scan after new security intelligence updates are downloaded on the device. Security intelligence updates are turned onĪvailable in Microsoft Defender for Endpoint version 100.67.60 or higher.Automatic threat remediation is turned off.Passive mode has the following implications: Specify whether the antivirus engine runs in passive mode. Specify whether to enable real-time protection, which scans files as they are accessed. See the following sections for a description of the dictionary contents. The antivirusEngine section of the configuration profile is used to manage the preferences of the antivirus component of Microsoft Defender for Endpoint. The top level of the configuration profile includes product-wide preferences and entries for subareas of Microsoft Defender for Endpoint, which are explained in more detail in the next sections. The following sections contain examples of configuration profiles for JAMF and Intune. The layout of the configuration profile depends on the management console that you are using. Values can either be simple (such as a numerical value) or complex, such as a nested list of preferences. plist file that consists of entries identified by a key (which denotes the name of the preference), followed by a value, which depends on the nature of the preference.
Microsfoft word for mac soft line feed how to#
This article describes the structure of the configuration profile, includes a recommended profile that you can use to get started, and provides instructions on how to deploy the profile. Changing the preferences that are set through the configuration profile requires escalated privileges and is not available for users without administrative permissions. Preferences that are managed by your security operations team take precedence over preferences that are set locally on the device. In enterprise organizations, Microsoft Defender for Endpoint on macOS can be managed through a configuration profile that is deployed by using one of several management tools. To configure Microsoft Defender for Endpoint on macOS using the command-line interface, see Resources.
This article contains instructions for how to set preferences for Microsoft Defender for Endpoint on macOS in enterprise organizations.
0 kommentar(er)
