Select Policies then Administrative templates.Įxpand the tree to Windows components > Microsoft Defender Antivirus > Signature Updates.ĭouble-click the Define the number of days after which a catch-up security intelligence update is required setting and set the option to Enabled. In the Group Policy Management Editor go to Computer configuration.
On your Group Policy management computer, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and then select Edit. Use Group Policy to enable and configure the catch-up update feature This setting causes the next update location to be used, based on the defined fallback source order. For the If Configuration Manager is used as a source for security intelligence updates., specify the hours before which the protection updates delivered by Configuration Manager should be considered out of date.Set Force a security intelligence update if the client computer is offline for more than two consecutive scheduled updates to Yes.Go to the Security intelligence updates section and configure the following settings: On your Microsoft Configuration Manager console, open the antimalware policy you want to change (select Assets and Compliance in the navigation pane on the left, then expand the tree to Overview > Endpoint Protection > Antimalware Policies)
Use Configuration Manager to configure catch-up protection updates
You can use one of several methods to set up catch-up protection updates: This configuration is useful if you have globally disabled automatic update downloads on startup. If Microsoft Defender Antivirus didn't download protection updates for a specified period, you can set it up to automatically check and download the latest update the next time someone signs in on an endpoint. Set up catch-up protection updates for endpoints that haven't updated for a while When the employee returns to work and signs into their computer, Microsoft Defender Antivirus will immediately check and download the latest protection updates, and then run a scan. This capability is especially useful in environments where devices aren't often connected to a corporate or external network, or for devices that aren't used on a daily basis.įor example, an employee who uses a particular computer takes three days off of work, and doesn't sign on their computer during that time. With Microsoft Defender Antivirus, your security team can define how long an endpoint can avoid an update or how many scans it can miss before it's required to receive the update and run a scan.
0 kommentar(er)
