Here are the screenshots from Endpoint compliance check and Windows Defender Security Center: https://imgur.com/a/2JrRC75
Microsoft Endpoint blocks non-Microsoft mlware detection, even though my AV is "Windows Defender Security Centre"-compliant - can admins allow alternative Anti-Malware software for compliance?
For MS 365 Endpoint/Intune compliance Microsoft required that you use either Windows Defender AV (and Anti-Malware) or "a solution which is registered with the Windows Defender Security Center" (WDSC, in case you don't know, this is just a fancy name for the Windows Security app, specifically the Home tab, see here) . Trendmicro Internet Security is registered with the WDSC and I have all green ticks (proof of compliance). As you likely also know, Trendmicro provides anti-malware protection, and once you install Trendmicro is disables Windows A-V and A-M (because Trendmicro now covers these functions), however ...
Whilst Endpoint recognises that Trendmicro has superseded it's over AV and AM, it still throws an error on compliance checking with the complaint that I need to "enable Windows Defender Antimalware Real-Time Protection", but ...
As you, once you install another AV/AM suite, Microsofts AV/AM software (aka Windows Defender family) is disabled, so I simply cannot enable just enable Windows Defender Antimalware Real-Time Protection - not by control panel, registry, or powershell.
So I am stuck in a loop :|
Can admins specifically permit other anti-malware clients as demonstration of compliance? Or is this a bug in Endpoint compliance checking?
2 answers
Sort by: Most helpful
-
-
Justin Moss 1 Reputation point
2021-03-23T07:08:05.207+00:00 I assume this Intune Portal is only available to admins - I am not an admin, therefore I cannot access this Portal. In any case, I know which device is apparently not compliant (my home PC) and the claimed reason (no Windows Defender Anti-Malware Real-time Protection AMRP). I can asks admins to do this however, aren't they going to find out exactly what I already know? That is - that by allowing any antivirus (with malware built-in) and simultaneously requiriing Microsoft AMRP, they are effectively making is possible to only be compliant if I run MS AV and AMRP.