Q
Get started Bring yourself up to speed with our introductory content.

How do I avoid Windows Defender compatibility issues?

Microsoft offers a free antimalware tool for client and server systems, but administrators need to tune the layers of protection to avoid problems.

With all the security options available to keep Windows systems secure, it's important to ensure the proper configuration...

of your antivirus application to avoid any Windows Defender compatibility issues.

Microsoft provides a native antimalware application called Windows Defender Antivirus (AV) to keep infections away from Windows 10 and Windows Server 2016 operating systems. Depending on the other types of protections that run on these systems, the Windows Defender compatibility features adjust the application to run in one of three modes: active mode, passive mode and automatic disabled mode.

When Windows Defender AV is in active mode, the application functions as the primary antimalware application on the system. It will scan files and remediate threats while reporting detection results to the management tool. Administrators can manage Windows Defender with different tools, such as System Center Configuration Manager, Group Policy and Intune, or within the application itself.

In Windows 10, Windows Defender AV enters passive mode automatically when it detects another antivirus tool in the system or if the system uses Windows Defender Advanced Threat Protection (ATP). The ATP service works in conjunction with the Windows Defender AV service to look for attacks and other security events.

Passive mode enables Windows Defender AV to run, but it does not act as the primary antimalware application. Windows Defender AV scans files and reports its detections to Windows Defender ATP, but Windows Defender AV does not remediate any detected threats.

Windows Defender AV enters automatic disabled mode when it detects another AV tool on the system under Windows 10 and when the business does not have a Windows Defender ATP enrollment. In this mode, Windows Defender AV will not scan files, remediate issues or report threats.

Avoid Windows Defender compatibility issues

In Windows Server 2016, it's important to note that Windows Defender AV will not enter passive or disabled mode when another AV tool is present on the server operating system.

In Windows Server 2016, it's important to note that Windows Defender AV will not enter passive or disabled mode when another AV tool is present on the server operating system.

Since Windows Defender AV remains active in Windows Server 2016 despite the presence of a third-party antivirus offering, there is a chance for conflict.

If an organization opts to use a third-party product, then Microsoft recommends that the administrator be aware of potential Windows Defender compatibility issues and remove or disable Windows Defender AV to enable other antivirus tools to run unimpeded on the Windows Server 2016 system.

The following PowerShell cmdlet will also uninstall Windows Defender AV from Windows Server 2016:

Uninstall-WindowsFeature -Name Windows-Defender

This was last published in May 2018

Dig Deeper on Windows Server and Network Security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What are your thoughts on using Windows Defender to protect Windows Server 2016?
Cancel

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchEnterpriseDesktop

SearchVirtualDesktop

Close