Policy CSP - WindowsDefenderSecurityCenter

Warning

Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.


WindowsDefenderSecurityCenter policies

WindowsDefenderSecurityCenter/CompanyName
WindowsDefenderSecurityCenter/DisableAccountProtectionUI
WindowsDefenderSecurityCenter/DisableAppBrowserUI
WindowsDefenderSecurityCenter/DisableDeviceSecurityUI
WindowsDefenderSecurityCenter/DisableEnhancedNotifications
WindowsDefenderSecurityCenter/DisableFamilyUI
WindowsDefenderSecurityCenter/DisableHealthUI
WindowsDefenderSecurityCenter/DisableNetworkUI
WindowsDefenderSecurityCenter/DisableNotifications
WindowsDefenderSecurityCenter/DisableVirusUI
WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride
WindowsDefenderSecurityCenter/Email
WindowsDefenderSecurityCenter/EnableCustomizedToasts
WindowsDefenderSecurityCenter/EnableInAppCustomization
WindowsDefenderSecurityCenter/HideRansomwareDataRecovery
WindowsDefenderSecurityCenter/HideSecureBoot
WindowsDefenderSecurityCenter/HideTPMTroubleshooting
WindowsDefenderSecurityCenter/Phone
WindowsDefenderSecurityCenter/URL

WindowsDefenderSecurityCenter/CompanyName

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. The company name that is displayed to the users. CompanyName is required for both EnableCustomizedToasts and EnableInAppCustomization. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display the contact options.

Value type is string. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Specify contact company name
  • GP name: EnterpriseCustomization_CompanyName
  • GP element: Presentation_EnterpriseCustomization_CompanyName
  • GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

WindowsDefenderSecurityCenter/DisableAccountProtectionUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark4 check mark4 check mark4 check mark4 cross mark cross mark

Scope:

  • Device

Added in Windows 10, next major release. Use this policy setting to specify if to display the Account protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

ADMX Info:

  • GP English name: Hide the Account protection area
  • GP name: AccountProtection_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/Account protection
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

Valid values:

  • 0 - (Disable) The users can see the display of the Account protection area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the Account protection area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisableAppBrowserUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy setting if you want to disable the display of the app and browser protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide the App and browser protection area
  • GP name: AppBrowserProtection_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/App and browser protection
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) The users can see the display of the app and browser protection area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the app and browser protection area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisableDeviceSecurityUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark4 check mark4 check mark4 check mark4 cross mark cross mark

Scope:

  • Device

Added in Windows 10, next major release. Use this policy setting if you want to disable the display of the Device security area in the Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

ADMX Info:

  • GP English name: Hide the Device security area
  • GP name: DeviceSecurity_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/Device security
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

Valid values:

  • 0 - (Disable) The users can see the display of the Device security area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the Device secuirty area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisableEnhancedNotifications

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy if you want Windows Defender Security Center to only display notifications which are considered critical. If you disable or do not configure this setting, Windows Defender Security Center will display critical and non-critical notifications to users.

Note

If Suppress notification is enabled then users will not see critical or non-critical messages.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide non-critical notifications
  • GP name: Notifications_DisableEnhancedNotifications
  • GP path: Windows Components/Windows Defender Security Center/Notifications
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) Windows Defender Security Center will display critical and non-critical notifications to users..
  • 1 - (Enable) Windows Defender Security Center only display notifications which are considered critical on clients.

WindowsDefenderSecurityCenter/DisableFamilyUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy setting if you want to disable the display of the family options area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide the Family options area
  • GP name: FamilyOptions_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/Family options
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) The users can see the display of the family options area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the family options area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisableHealthUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy setting if you want to disable the display of the device performance and health area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide the Device performance and health area
  • GP name: DevicePerformanceHealth_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/Device performance and health
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) The users can see the display of the device performance and health area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the device performance and health area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisableNetworkUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy setting if you want to disable the display of the firewall and network protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide the Firewall and network protection area
  • GP name: FirewallNetworkProtection_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/Firewall and network protection
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) The users can see the display of the firewall and network protection area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the firewall and network protection area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisableNotifications

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy setting if you want to disable the display of Windows Defender Security Center notifications. If you disable or do not configure this setting, Windows Defender Security Center notifications will display on devices.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide all notifications
  • GP name: Notifications_DisableNotifications
  • GP path: Windows Components/Windows Defender Security Center/Notifications
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) The users can see the display of Windows Defender Security Center notifications.
  • 1 - (Enable) The users cannot see the display of Windows Defender Security Center notifications.

WindowsDefenderSecurityCenter/DisableVirusUI

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Use this policy setting if you want to disable the display of the virus and threat protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Hide the Virus and threat protection area
  • GP name: VirusThreatProtection_UILockdown
  • GP path: Windows Components/Windows Defender Security Center/Virus and threat protection
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) The users can see the display of the virus and threat protection area in Windows Defender Security Center.
  • 1 - (Enable) The users cannot see the display of the virus and threat protection area in Windows Defender Security Center.

WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Prevent users from making changes to the exploit protection settings area in the Windows Defender Security Center. If you disable or do not configure this setting, local users can make changes in the exploit protection settings area.

Value type is integer. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Prevent users from modifying settings
  • GP name: AppBrowserProtection_DisallowExploitProtectionOverride
  • GP path: Windows Components/Windows Defender Security Center/App and browser protection
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) Local users are allowed to make changes in the exploit protection settings area.
  • 1 - (Enable) Local users cannot make changes in the exploit protection settings area.

WindowsDefenderSecurityCenter/Email

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. The email address that is displayed to users. The default mail application is used to initiate email actions. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display contact options.

Value type is string. Supported operations are Add, Get, Replace and Delete.

ADMX Info:

  • GP English name: Specify contact email address or Email ID
  • GP name: EnterpriseCustomization_Email
  • GP element: Presentation_EnterpriseCustomization_Email
  • GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

WindowsDefenderSecurityCenter/EnableCustomizedToasts

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Enable this policy to display your company name and contact options in the notifications. If you disable or do not configure this setting, or do not provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will display a default notification text.

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

ADMX Info:

  • GP English name: Configure customized notifications
  • GP name: EnterpriseCustomization_EnableCustomizedToasts
  • GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) Notifications contain a default notification text.
  • 1 - (Enable) Notifications contain the company name and contact options.

WindowsDefenderSecurityCenter/EnableInAppCustomization

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. Enable this policy to have your company name and contact options displayed in a contact card fly out in Windows Defender Security Center. If you disable or do not configure this setting, or do not provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will not display the contact card fly out notification.

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

ADMX Info:

  • GP English name: Configure customized contact information
  • GP name: EnterpriseCustomization_EnableInAppCustomization
  • GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

The following list shows the supported values:

  • 0 - (Disable) Do not display the company name and contact options in the card fly out notification.
  • 1 - (Enable) Display the company name and contact options in the card fly out notification.

WindowsDefenderSecurityCenter/HideRansomwareDataRecovery

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark4 check mark4 check mark4 check mark4 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1803. Use this policy setting to hide the Ransomware data recovery area in Windows Defender Security Center.

ADMX Info:

  • GP English name: Hide the Ransomware data recovery area
  • GP name: VirusThreatProtection_HideRansomwareRecovery
  • GP path: Windows Components/Windows Defender Security Center/Virus and threat protection
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

Valid values:

  • 0 - (Disable or not configured) The Ransomware data recovery area will be visible.
  • 1 - (Enable) The Ransomware data recovery area is hidden.

WindowsDefenderSecurityCenter/HideSecureBoot

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark4 check mark4 check mark4 check mark4 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1803. Use this policy to hide the Secure boot area in the Windows Defender Security Center.

ADMX Info:

  • GP English name: Hide the Secure boot area
  • GP name: DeviceSecurity_HideSecureBoot
  • GP path: Windows Components/Windows Defender Security Center/Device security
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

Valid values:

  • 0 - (Disable or not configured) The Secure boot area is displayed.
  • 1 - (Enable) The Secure boot area is hidden.

WindowsDefenderSecurityCenter/HideTPMTroubleshooting

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark4 check mark4 check mark4 check mark4 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1803. Use this policy to hide the Security processor (TPM) troubleshooting area in the Windows Defender Security Center.

ADMX Info:

  • GP English name: Hide the Security processor (TPM) troubleshooter page
  • GP name: DeviceSecurity_HideTPMTroubleshooting
  • GP path: Windows Components/Windows Defender Security Center/Device security
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

Valid values:

  • 0 - (Disable or not configured) The Security processor (TPM) troubleshooting area is displayed.
  • 1 - (Enable) The Security processor (TPM) troubleshooting area is hidden.

WindowsDefenderSecurityCenter/Phone

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. The phone number or Skype ID that is displayed to users. Skype is used to initiate the call. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display contact options.

Value type is string. Supported operations are Add, Get, Replace, and Delete.

ADMX Info:

  • GP English name: Specify contact phone number or Skype ID
  • GP name: EnterpriseCustomization_Phone
  • GP element: Presentation_EnterpriseCustomization_Phone
  • GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

WindowsDefenderSecurityCenter/URL

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark3 check mark3 check mark3 check mark3 cross mark cross mark

Scope:

  • Device

Added in Windows 10, version 1709. The help portal URL this is displayed to users. The default browser is used to initiate this action. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then the device will not display contact options.

Value type is Value type is string. Supported operations are Add, Get, Replace, and Delete.

ADMX Info:

  • GP English name: Specify contact website
  • GP name: EnterpriseCustomization_URL
  • GP element: Presentation_EnterpriseCustomization_URL
  • GP path: Windows Components/Windows Defender Security Center/Enterprise Customization
  • GP ADMX file name: WindowsDefenderSecurityCenter.admx

Footnote:

  • 1 - Added in Windows 10, version 1607.
  • 2 - Added in Windows 10, version 1703.
  • 3 - Added in Windows 10, version 1709.
  • 4 - Added in Windows 10, version 1803.