Defender Manager and Microsoft Defender Tamper Protection
This article describes the Defender Manager App capabilities when Microsoft Defender has Tamper Protection Enabled
On Windows 10 build 1709 and higher, Microsoft introduced a new feature for Microsoft Defender called Tamper Protection. Tamper protection was designed to prevent attackers from disabling Defender Protection. It also prevents the RocketAgent from managing certain settings related to Microsoft Defender.
The table below outlines settings that RocketAgent cannot manage when Tamper Protection is enabled.
|
Category |
Description |
|---|---|
|
General |
|
|
Enable Windows Defender |
The master switch for enabling Windows Defender on a device. The default value is set to No which will allow you to switch Defender on when you are ready. Once Defender is enabled on the device you will not be able to disable it using the Defender Manager with Tamper Protection enabled. |
|
Realtime Protection |
|
|
Real-time Monitoring |
Enables & disables real-time monitoring component for Microsoft Defender. Defender Manager can enable this setting but cannot disable the setting with Tamper Protection enabled. |
|
Behavioral Monitoring |
Enable & disables the behavioral monitoring component for Microsoft Defender. Defender Manager can enable this setting but cannot disable the setting with Tamper Protection enabled. |
|
Scan All Downloaded Files and Attachments |
Enable & disables scanning of all files downloaded via IE/Edge browsers. Defender Manager can enable this setting but cannot disable the setting with Tamper Protection enabled. |
|
Script Scanning |
Enable & disable script scan for malicious content before execution. Defender Manager can enable this setting but cannot disable the setting with Tamper Protection enabled. |
