Configure Defender Profile (Windows)


The Windows Defender profile lets admins push Windows Defender (Microsoft Defender Antivirus) policies to enrolled devices.

Note: This profile is supported on Windows 10 and later devices.

To configure Windows Defender policies on the enrolled devices, follow these steps:

1.  On the SureMDM Web Console, navigate to Profiles > Windows > Add > Windows Defender Profile > Configure.

2.  Enter a Profile Name.

3.  Configure Windows Defender Profile settings and click Save.

Settings

Description

Scan


Allow Archive Scanning

Allow or deny scanning of archives.

Allow Email Scanning

Allow or deny scanning of emails.

Allow Scanning Network Files

Allow or deny scanning of files on network shares.

Allow Full Scan On Mapped Network Drives

Allow or deny including mapped network drives in a full scan.

Allow Full Scan Removable Drive Scanning

Allow or deny including removable drives (for example, USB storage) in a full scan.

Scan Parameter

Select to perform Quick Scan or Full Scan.

Check For Signatures Before Running Scan 

Allow or deny checking for new definitions before a scheduled scan runs.

Disable Catchup Full Scan

Disables catch-up scans for scheduled full scans. A catch-up scan runs when the device missed a scheduled scan (for example, because it was powered off at the scheduled time).

Disable Catchup Quick Scan

Disables catch-up scans for scheduled quick scans.

Enable Low CPU Priority

Allows low CPU priority for scheduled scans.

Avg CPU Load Factor

Enter the maximum average CPU load (in percent) that a Windows Defender scan may use.

Schedule Quick Scan Time

Enter the time of day at which the daily Windows Defender quick scan should start. For example, a value of 0 means 12:00 AM.

Schedule Scan Day

Select the day of the week on which the scheduled Windows Defender scan (quick or full, as chosen under Scan Parameter) should run.

Schedule Scan Time

Enter the time of day at which the scheduled Windows Defender scan should start.

Real-Time Protection


Allow Realtime Monitoring

Allow or deny Windows Defender real-time monitoring (the always-on scanner; if denied, only scheduled and on-demand scans run).

Allow Behavior Monitoring

Allow or deny Windows Defender Behavior monitoring functionality.

Allow IOAV Protection

Allow or deny Windows Defender IOAV protection (scanning of downloaded files and attachments).

Allow Intrusion Prevention System

Allow or deny Windows Defender Intrusion Prevention functionality.

Allow On Access Protection

Allow or deny Windows Defender on-access protection (scanning files as they are opened or written).

PUA Protection

Select an option (PUA Protection Off / PUA Protection On / Audit Mode) that specifies how potentially unwanted applications are handled: blocked, only logged (Audit Mode), or ignored.

Real Time Scan Direction

Select an option (Monitor all files (bi-directional) / Monitor incoming files / Monitor outgoing files) so that real-time protection scans only files flowing in the selected direction.

Exclusions


Excluded Extensions

Enter a list of file extensions to be ignored during scanning. Separate the entries with a |. For example: lib|obj

Excluded Paths

Enter a list of directory paths to be ignored during scanning. Separate the entries with a |. For example: C:\Example|C:\Example1

Excluded Processes

Enter a list of process image paths; files opened by those processes are ignored during scanning. Separate the entries with a |. For example: C:\Example|C:\Example1

Keep all three lists as short as possible. Anything excluded is never scanned, so a broad path, an executable extension, or a user-writable process exclusion hands an attacker a ready-made way around the scanner.
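The following PowerShell is an added example and not part of the SureMDM documentation or product. It checks the `|`-separated exclusion strings in the profile's own format before they are entered, flagging the entries an attacker could abuse, and then re-runs the same check against what Defender on an enrolled device actually holds. The risk patterns and the sample input are this example's own choices; `Get-MpPreference` and its `ExclusionPath`, `ExclusionExtension` and `ExclusionProcess` properties belong to the built-in Defender module.

```powershell
# Added example (not from the SureMDM docs): sanity-check Defender exclusion lists.
# Run elevated on the device for the second part; recent Windows builds hide
# exclusions from standard users.

# Paths an exclusion should never cover: a whole drive, user-writable trees,
# and the folders malware typically stages in. (Illustrative list.)
$RiskyPathPatterns = @(
    '^[A-Za-z]:\\?$',                    # C: or C:\  - the entire volume
    '^[A-Za-z]:\\Users(\\|$)',           # every user profile
    '\\(Temp|Downloads|AppData)(\\|$)',  # common staging folders
    '^[A-Za-z]:\\ProgramData\\?$',
    '^[A-Za-z]:\\Windows\\?$'
)
# Extensions whose exclusion hides executable content from the scanner.
$RiskyExtensions = 'exe','dll','ps1','bat','cmd','vbs','js','scr','com','msi','hta'

function Test-DefenderExclusions {
    param(
        [string]$Paths = '',        # profile format, e.g. 'C:\Example|C:\Example1'
        [string]$Extensions = '',   # e.g. 'lib|obj'
        [string]$Processes = ''     # e.g. 'C:\App\svc.exe|C:\Users\bob\tool.exe'
    )
    $findings = @()
    foreach ($p in ($Paths -split '\|' | Where-Object { $_ })) {
        $hit = $RiskyPathPatterns | Where-Object { $p -match $_ }
        $findings += [pscustomobject]@{ Kind = 'Path'; Value = $p; Risky = [bool]$hit }
    }
    foreach ($e in ($Extensions -split '\|' | Where-Object { $_ })) {
        $norm = $e.TrimStart('.').ToLower()
        $findings += [pscustomobject]@{ Kind = 'Extension'; Value = $e; Risky = ($RiskyExtensions -contains $norm) }
    }
    foreach ($x in ($Processes -split '\|' | Where-Object { $_ })) {
        # A process exclusion skips every file that process opens. A binary under a
        # user-writable path, or a bare image name that matches any process with that
        # name anywhere on disk, is therefore a bypass waiting to be used.
        $risky = ($x -match '\\Users\\') -or ($x -match '\\(Temp|AppData)\\') -or (-not [IO.Path]::IsPathRooted($x))
        $findings += [pscustomobject]@{ Kind = 'Process'; Value = $x; Risky = $risky }
    }
    return $findings
}

# 1) Check a constructed profile input before entering it in the console.
Test-DefenderExclusions `
    -Paths      'C:\Build\Cache|C:\Users|D:\' `
    -Extensions 'lib|obj|ps1' `
    -Processes  'C:\Program Files\Vendor\agent.exe|C:\Users\Public\tool.exe|notepad.exe' |
    Format-Table -AutoSize

# 2) On an enrolled device, check what Defender actually applied.
$pref = Get-MpPreference
Test-DefenderExclusions `
    -Paths      (@($pref.ExclusionPath) -join '|') `
    -Extensions (@($pref.ExclusionExtension) -join '|') `
    -Processes  (@($pref.ExclusionProcess) -join '|') |
    Where-Object Risky | Format-Table -AutoSize
```

In the constructed input, `C:\Users`, `D:\`, `ps1`, `C:\Users\Public\tool.exe` and the unrooted `notepad.exe` are reported as risky; the build cache path, `lib`, `obj` and the vendor agent under Program Files are not. Treat a non-empty second report as a finding to reconcile with the profile, since a device-side exclusion that is not in the profile is either local drift or tampering.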

Signature Updates


Signature Update Interval

Enter the interval (in hours) at which the device checks for new signatures. A value of 0 means never check for new signatures.

Note: The interval value ranges between 0 to 24. 24 means to check for new signatures every day. The default value is 8.

Signature Update File Shares Sources

Enter the UNC file share sources from which definition updates are downloaded. Separate multiple shares with a |.

Signature Update Fallback Order

Select the definition update sources (InternalDefinitionUpdateServer / MicrosoftUpdateServer / MMPC / FileShares) in the order in which they should be contacted; each source is tried only if the one before it fails.

Windows Defender Exploit Guard


Attack Surface Reduction


Attack Surface Reduction Rules

Enter the values as ASR rule ID=status ID pairs separated by a |. This setting sets the state (Block / Audit / Off) of each Attack Surface Reduction (ASR) rule. The rule IDs are the GUIDs Microsoft publishes for each ASR rule; the status IDs follow the Windows Defender policy CSP (0 = Off, 1 = Block, 2 = Audit).

Attack Surface Reduction Only Exclusions

Enter a list of paths separated by a |. ASR rules will not match files under the specified paths or the specified fully qualified resources. These exclusions apply to ASR rules only, not to antivirus scanning.
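The PowerShell below is an added example, not part of the SureMDM documentation or product. It builds the Attack Surface Reduction Rules string from a readable rule map, validates the GUIDs and states, and then compares the intended states with what an enrolled device reports. The state codes (0 = Off, 1 = Block, 2 = Audit) are those of the Windows Defender policy CSP; the four rule GUIDs are taken from Microsoft's published ASR rule list and should be checked against the current list before use. Which rules to enable, and in which mode, is this example's own choice.

```powershell
# Added example (not from the SureMDM docs): compose and verify the ASR rule string.

$AsrState = @{ Off = 0; Block = 1; Audit = 2 }   # Defender policy CSP state codes

# Rule GUID -> desired state. Put new rules in Audit first and move them to Block
# once the audit events show no business impact. GUIDs per Microsoft's ASR rule list.
$DesiredRules = [ordered]@{
    'D4F940AB-401B-4EFC-AADC-AD5F3C50688A' = 'Block'   # Office apps creating child processes
    '3B576869-A4EC-4529-8536-B80A7769E899' = 'Block'   # Office apps creating executable content
    'BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550' = 'Block'   # executable content from email/webmail
    '9E6C4E1F-7D60-472F-BA1A-A39EF669E4B2' = 'Audit'   # credential stealing from LSASS
}

function ConvertTo-AsrRuleString {
    # Returns 'GUID=state|GUID=state|...' as expected by the profile field.
    param([System.Collections.IDictionary]$Rules)
    $pairs = foreach ($entry in $Rules.GetEnumerator()) {
        $id = [string]$entry.Key
        if ($id -notmatch '^[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$') {
            throw "Not a GUID: $id"
        }
        if (-not $AsrState.ContainsKey([string]$entry.Value)) {
            throw "Unknown state '$($entry.Value)' for $id (use Off, Block or Audit)"
        }
        "$id=$($AsrState[[string]$entry.Value])"
    }
    return ($pairs -join '|')
}

function Compare-AsrState {
    # On the device (run elevated): Get-MpPreference exposes the applied rule IDs and
    # their actions as two parallel arrays; line them up and diff against the intent.
    param([System.Collections.IDictionary]$Rules)
    $pref = Get-MpPreference
    $ids     = @($pref.AttackSurfaceReductionRules_Ids)
    $actions = @($pref.AttackSurfaceReductionRules_Actions)
    $applied = @{}                      # PowerShell hashtable keys are case-insensitive
    for ($i = 0; $i -lt $ids.Count; $i++) { $applied[[string]$ids[$i]] = [int]$actions[$i] }

    foreach ($entry in $Rules.GetEnumerator()) {
        $want = $AsrState[[string]$entry.Value]
        $have = $applied[[string]$entry.Key]   # $null when the rule is not configured at all
        [pscustomobject]@{
            Rule    = $entry.Key
            Wanted  = $want
            Applied = $have
            Result  = $(if ($have -eq $want) { 'OK' } else { 'MISMATCH' })
        }
    }
}

# The string to paste into the Attack Surface Reduction Rules field:
ConvertTo-AsrRuleString $DesiredRules

# After the profile has been applied, on the device:
Compare-AsrState $DesiredRules | Format-Table -AutoSize
```

A rule that the device reports as MISMATCH with `Applied` empty was never delivered (profile not applied, or unsupported build); a rule reported with a different code is being overridden by another policy source, which is worth tracking down before relying on it.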

Controlled Folder Access


Enable Controlled Folder Access

Select the Controlled Folder Access state (Enabled / Disabled / Audit Mode). In Audit Mode, blocked writes are only logged.

Controlled Folder Access Protected Folders

Enter additional folder locations to protect with Controlled Folder Access, on top of the default protected folders. Use | as the separator.

Controlled Folder Access Allowed Applications

Enter the applications (full paths) that are allowed to write to the protected folders. Use | as the separator.

Network Protection


Enable Network Protection

Select an option (Disabled / Enabled (block mode) / Enabled (audit mode)) for Network Protection.

Advanced


Allow Cloud Protection

Turn ON this option to enable cloud-delivered protection (Microsoft Active Protection Service, MAPS). Windows Defender then reports detected threats and suspicious files to Microsoft and can use cloud verdicts for files it cannot classify locally.

Submit Samples Consent

Select an option from the following to set the consent level for sending samples to Microsoft:

  • Always prompt
  • Send safe samples automatically
  • Never Send 
  • Send all samples automatically

Cloud Block Level

Select an option from the following to determine how aggressive Windows Defender Antivirus is when blocking and scanning suspicious files.

Note: This feature will work only when Allow Cloud Protection setting is enabled. 

Cloud Extended Timeout

Enter the number of additional seconds (0 to 50) that a suspicious file may be held while waiting for a cloud verdict, on top of the default 10-second cloud check.

Note: This feature will work only when Allow Cloud Protection or Submit Samples Consent settings are enabled.

Allow Script Scanning

Allow or deny Windows Defender script scanning functionality.

Allow User UI Access

Allow or deny user access to the Windows Defender UI. If denied, all Windows Defender notifications will be suppressed.

Threat Severity Default Action

Enter pairs in the format threat_level=action|threat_level=action. This lets admins specify, for each threat severity level, the default action ID to take. The Windows Defender policy CSP uses severity levels 1 = Low, 2 = Moderate, 4 = High, 5 = Severe and actions 1 = Clean, 2 = Quarantine, 3 = Remove, 6 = Allow, 8 = User defined, 10 = Block; for example, 5=2|4=2 quarantines severe and high threats.

Days to Retain Cleaned Malware

Enter the time period (in days) that quarantined items are kept on the device before being removed automatically.

Note: The default value is 0, which keeps items in quarantine and does not automatically remove them.


4.  Go back to the Home tab and select the Windows device(s) or group(s).

5.  Click Apply to launch the Apply Job/Profile To Device prompt.

6.  In the Apply Job/Profile To Device prompt, select the created profile and click Apply.
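Applying the profile does not by itself prove that the device honoured it. The PowerShell below is an added example, not part of the SureMDM documentation or product: run it elevated on an enrolled Windows 10 or later device after the profile has been applied to confirm that the settings that matter most took effect. The expected values encode this example's assumption of a protective profile (real-time protection on, cloud protection on, PUA and Network Protection in block mode, ASR rules present) and should be adjusted to match your own profile. The cmdlets and property names are those of the built-in Defender module; the numeric codes are the Windows Defender policy CSP's (PUAProtection 0 = Off, 1 = On, 2 = Audit; EnableNetworkProtection and EnableControlledFolderAccess 0 = Off, 1 = Block, 2 = Audit; CloudBlockLevel 0 = Default, 2 = High, 4 = High+, 6 = Zero tolerance; MAPSReporting 0 = Off, 2 = Advanced).

```powershell
# Added example (not from the SureMDM docs): verify an applied Defender profile on the device.

function Test-DefenderProfile {
    $pref   = Get-MpPreference        # configured policy values
    $status = Get-MpComputerStatus    # what the engine is actually doing right now

    # Each check: name, observed value, expectation as a scriptblock over $args[0].
    $checks = @(
        @('Real-time protection on',         $status.RealTimeProtectionEnabled,  { $args[0] -eq $true })
        @('Behavior monitoring on',          $status.BehaviorMonitorEnabled,     { $args[0] -eq $true })
        @('IOAV protection on',              $status.IoavProtectionEnabled,      { $args[0] -eq $true })
        @('On-access protection on',         $status.OnAccessProtectionEnabled,  { $args[0] -eq $true })
        @('Script scanning not disabled',    $pref.DisableScriptScanning,        { $args[0] -eq $false })
        @('Cloud protection (MAPS) on',      $pref.MAPSReporting,                { $args[0] -eq 2 })
        @('Cloud block level >= High',       $pref.CloudBlockLevel,              { $args[0] -ge 2 })
        @('Cloud extended timeout set',      $pref.CloudExtendedTimeout,         { $args[0] -gt 0 })
        @('PUA protection blocking',         $pref.PUAProtection,                { $args[0] -eq 1 })
        @('Network protection blocking',     $pref.EnableNetworkProtection,      { $args[0] -eq 1 })
        @('Controlled folder access active', $pref.EnableControlledFolderAccess, { @(1, 2) -contains $args[0] })
        @('ASR rules configured',            @($pref.AttackSurfaceReductionRules_Ids).Count, { $args[0] -gt 0 })
        @('Signature interval 1-24 h',       $pref.SignatureUpdateInterval,      { $args[0] -ge 1 -and $args[0] -le 24 })
        @('Signatures at most 3 days old',   $status.AntivirusSignatureAge,      { $args[0] -le 3 })
        @('Defender UI not locked down',     $pref.UILockdown,                   { $args[0] -eq $false })
    )

    foreach ($c in $checks) {
        $name, $actual, $expect = $c
        $ok = [bool](& $expect $actual)
        [pscustomobject]@{
            Check  = $name
            Actual = $actual
            Result = $(if ($ok) { 'PASS' } else { 'FAIL' })
        }
    }
}

$results = Test-DefenderProfile
$results | Format-Table -AutoSize

$failed = @($results | Where-Object Result -eq 'FAIL').Count
if ($failed -gt 0) {
    Write-Warning "$failed Defender profile check(s) failed on $env:COMPUTERNAME"
}
```

The real-time, behavior, IOAV and on-access checks deliberately read `Get-MpComputerStatus` rather than the policy values, because a policy can be present while the engine is disabled by a third-party antivirus or by tampering; a FAIL on those rows with the profile applied is the case to investigate first.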