Next-generation protection in Windows 10 and Windows Server 2016
Windows Defender Antivirus is the next-generation protection component of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). Next-generation protection brings together machine learning, big-data analysis, in-depth threat resistance research, and cloud infrastructure to protect devices in your enterprise organization. Next-generation protection services include:
- Behavior-based, heuristic, and real-time antivirus protection. This includes always-on scanning using file and process behavior monitoring and other heuristics (also known as "real-time protection"). It also includes detecting and blocking apps that are deemed unsafe, but may not be detected as malware.
- Cloud-delivered protection. This includes near-instant detection and blocking of new and emerging threats.
- Dedicated protection and product updates. This includes updates related to keeping Windows Defender Antivirus up to date.
Visit the Microsoft Defender ATP demo website to confirm the following protection features are working and explore them using demo scenarios:
- Cloud-delivered protection
- Block at first sight (BAFS) protection
- Potentially unwanted applications (PUA) protection
Minimum system requirements
Windows Defender Antivirus is your main vehicle for next-generation protection, and it has the same hardware requirements as of Windows 10. For more information, see:
Configure next-generation protection services
For information on how to configure next-generation protection services, see Configure Windows Defender Antivirus features.
Configuration and management is largely the same in Windows Server 2016, while running Windows Defender Antivirus; however, there are some differences. To learn more, see Windows Defender Antivirus on Windows Server 2016.
- Full version history for Microsoft Defender Advanced Threat Protection
- Windows Defender Antivirus management and configuration
- Evaluate Windows Defender Antivirus protection
- Enable cloud protection
- Configure real-time protection
- Enable block at first sight
- Detect and block potentially unwanted applications
- Create and deploy cloud-protected antimalware policies