Anti-Malware for Windows Only
The Anti-Malware section performs compliance handling in regards to virus protection and threat analysis on a device. By utilizing both third-party AV protection and Windows Security Center, administrators can manage policies to ensure that devices will accurately reported as compliant.
Anti-Malware for Windows
This section can be applied to multiple device types: desktops, laptops, VMs, and servers. However, if needed, an administrator can customize the applicable device types. The settings that fall under Windows' tab of Anti-Malware are:
| Setting | Description |
|---|---|
"Windows Security Center does not detect anti-malware protection" NOTE: acts like a fallback for any specific anti-malware applications chosen below | If enabled, device will be marked as non-compliant if Windows Security Center is not able to detect anti-malware protection. For more information on how Windows Security Center acts as a 'fallback', see below. |
| Specific anti-malware applications not installed | If enabled, device be marked as non-compliant if specific anti-malware was not installed. Administrators can use the Advanced setting to select the third-party AV(s) from the catalog. |
Both settings can have increased severity by being marked as "Is Critical".
Windows Security Center: Fallback Option
To review your compliance within Windows Security Center on your Windows device, go to Settings > Update & Security > Windows Security. From there, you are able to see how Windows Security Center analyzes a device's compliance. If there are no recommendations for the device's safety, and no actions required, then the device is reported as compliant. If the "Windows Security Center does not detect anti-malware protection" setting is enabled, Windows reports your device as compliant, and no third-party AV is available, your device will be labeled as compliant in My OPSWAT Central Management.
If "Windows Security Center does not detect anti-malware protection" is disabled, and third-party AVs are not detectable by OPSWAT, then the device will be labeled as non-compliant in My OPSWAT Central Management. So by utilizing Windows Security Center as a fallback option for the Anti-Malware policy setting, this means that Windows Security Center will assess the device in addition to the MetaDefender Endpoint. If it detects the antivirus program on a device and/or determines that your device is compliant, then the device will be labeled as compliant in My OPSWAT Central Management, even if specific third-party AV has labeled the device as non-compliant or the third-party AV is not detectable.
By utilizing both settings in the Anti-Malware section, administrators can to verify a device's compliance in the scenario where one option won't be able to detect security on a device.