| title | macOS Antivirus policy settings for Microsoft Defender Antivirus for Intune | ||
|---|---|---|---|
| description | See a list of the settings in the Microsoft Defender Antivirus profile for macOS. This profile is s part of Endpoint security Antivirus policy for macOS in Microsoft Intune. | ||
| ms.date | 09/12/2024 | ||
| ms.topic | reference | ||
| ms.collection |
|
||
| ms.reviewer | laarrizz |
View the Microsoft Defender Antivirus profile settings you can configure for Microsoft Defender for Endpoint for Mac in Microsoft Intune. For more information about these settings, see Microsoft Defender for Endpoint for Mac in the Windows documentation.
Learn about using Endpoint security policies in Intune.
For details about these settings, see the settings entry in Set preferences for Microsoft Defender for Endpoint on macOS in the Microsoft Defender for Endpoint documentation.
-
Enable / disable cloud delivered protection
- Not configured (default)
- Enabled
- Disabled
-
Enable / disable automatic sample submissions
- Not configured (default)
- Enabled
- Disabled
-
Diagnostic collection level
- Not configured (default)
- Optional
- Required
-
Automatic security intelligence updates
- Not configured (default)
- Enabled
- Disabled
For details about these settings, see the settings entry in Set preferences for Microsoft Defender for Endpoint on macOS in the Microsoft Defender for Endpoint documentation.
-
Enable real-time protection (deprecated) - This setting is replaced by Enforcement level.
- Not configured (default)
- Enabled
- Disabled
-
Enable passive mode (deprecated) - This setting is replaced by Enforcement level.
- Not configured (default)
- Enabled
- Disabled
-
Scan history size
- Not configured (default)
- Configured - When configured, specify a number of entries to keep in scan history.
-
Scan results retention
- Not configured (default)
- Configured - When configured, specify the number of days that results are retained in the scan history on the device.
-
Exclusions merge
- Not configured (default)
- Admin_only
- Merge
-
Scan exclusions
- Configured (default)
- Not configured
-
Threat type settings
- Configured (default)
- Not configured
-
Threat type settings merge
- Not configured (default)
- Admin_only
- Merge
-
Allowed threats
- Not configured (default)
- Configured
-
Disallowed threat actions
- Not configured (default)
- Configured
-
Degree of parallelism for on-demand scans
- Configured (default) (2)
- Not configured
-
Enable file hash computation
- False (default)
- True
- Not configured
-
Run a scan after definitions are updated
- Enabled (default)
- Disabled
- Not configured
-
Scanning inside archive files
- False (default)
- True
- Not configured
-
Enforcement level
- Passive (default)
- Real time
- On Demand
- Enforcement level
- Audit (default)
- Disabled
- Block
- Not configured
- Enforcement level
- Audit (default)
- Disabled
- Block
- Not configured
For details about these settings, see the settings entry in Set preferences for Microsoft Defender for Endpoint on macOS in the Microsoft Defender for Endpoint documentation.
-
Control sign-in to consumer version
- Enabled (default)
- Disabled
- Not configured
-
Show / hide status menu icon
- Disabled (default)
- Enabled
- Not configured
-
User initiated feedback
- Enabled (default)
- Disabled
- Not configured