In Windows 1703 – Windows Defender Security Center was first introduces.

In Windows 10 1709 there is a lot of new policies and settings and one of them is settings for Windows Defender Security Center. I first did a blogpost about this back when Windows 10 1709 still was a insider build, the original post can be found here.

When I did the original post the settings was not published in Intune – so I did in with a custom Windows 10 profile in Intune – and used the OMA-URI, but now there is a profile directly to configure Windows Defender.

I will show how to hide “Family options”  and leave the rest ‘ they can also be hidden from the profile.

First create a new profile in intune:

1. Name: Windows 10 – Windows Defender Security Center
2. Platform: Windows 10 and later
3. Profile Type :Endpoint protection
4. Settings: Configure
5. Windows Defender Security Center: 

You have the possibility to hide/block the various areas of Windows Defender Security Center app.

In this case I will hide/block access to the family options so it is not shown in my enterprise environment.

1. Family options: Hide
2. Notifications from the displayed areas of the app: Block non-critical notifications

Notifications from the displayed areas of app can be set to the following:

Block all notifications – this will block all notifications from the app

Block non-critical notifications – this will block all non-critical notifications from the app

You can configure the IT contact information in Windows Defender Security Center app

Some of the other new settings in Windows Defender Security Center is company customization with branding and custom information, (Phone using Skype, Email, Help portal URL) in Windows Defender Security Center. 

1. IT contact information: Display in app and in notifications
2. IT organization name: Osddeployment
3. IT department phone number or Skype ID: +45 11 22 33 44
4. IT department email address: [email protected]
5. IT support website URL: https://osddeployment.dk

IT contact information can be set to 3 different values:

• Display in app and in notifications
• Display only in app
• Display only in notifications

The OMA-URI that will be deployed to the devices from Intune is:

Name: WindowsDefenderSecurityCenter/CompanyName

OMA-URI:

./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/CompanyName

Data Type:

String

Value:

Osddeployment

Name: WindowsDefenderSecurityCenter/Phone

OMA-URI:

./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/Phone

Data Type:

String

Value:

+45 11 22 33 44

Name: WindowsDefenderSecurityCenter/URL

OMA-URI:

./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/URL

Data Type:

String

Value:

https://osddeployment.dk ./Vendor/MSFT/Policy/Config/WindowsDefenderSecurityCenter/DisableFamilyUI

Data Type:

Integer

Value:

1 (0 = Disable and 1 = Enable)

This settings can also be set with a GPO when using Active Directory

How it the user experience when we start doing the policy:

When we hide FamilyUI it is not showed in Windows Defender Security Center

When we do the customization it look like this:

Our company name is showed in the right lower corner

When we click on the company name the rest of our customize information is showed.

How do we see if the settings are applied to the device:

In the settings apps we are also getting more information in Windows 1709

Settings App – Account –

Policy area applied – WindowsDefenderSecurityCenter

When exporting the local policy settings we get a XML file with all the settings that are applied to the user or device.

Search for WindowsDefenderSecurityCenter then we can see all the related settings

More information :

Policy CSP – WindowsDefenderSecurityCenter

Configure the notifications that appear on endpoints