Use Microsoft Endpoint Manager to configure and manage Microsoft Defender Antivirus

Applies to:


  • Windows

You can use Microsoft Endpoint Manager to configure Microsoft Defender Antivirus scans. Microsoft Intune and Configuration Manager are now part of Endpoint Manager.

Configure Microsoft Defender Antivirus scans in Endpoint Manager

  1. Go to the Microsoft Endpoint Manager admin center (, and sign in.

  2. Navigate to Endpoint Security.

  3. Under Manage, choose Antivirus.

  4. Select your Microsoft Defender Antivirus policy.

  5. Under Manage, choose Properties.

  6. Next to Configuration settings, choose Edit.


    AllowOnAccessProtection and AllowIntrusionPreventionSystem antivirus settings are officially being deprecated and as such cannot be configured.

  7. Expand the Scan section, and review or edit your scanning settings.

  8. Choose Review + save.