In this post we will see how to turn off Windows Defender using group policy. Windows Defender is malware protection that is included with and built into Windows 10. This software helps identify and remove viruses, spyware, and other malicious software. But why would you think of turning off Windows Defender then ?.
Windows Defender provides the most protection when cloud-based protection is enabled. Windows Defender runs in the background and notifies you when you need to take specific action. There are many ways to disable windows defender. You could choose to disable it on a single machine, you could also disable it using Registry Tweak.
However when you want to disable Windows Defender on multiple computers in a domain, the group policy method is the best. If you are using System Center 2012 R2 Configuration Manager and Microsoft Intune, these can provide centralized management of Windows Defender, including:
- Settings management
- Definition update management
- Alerts and alert management
- Reports and report management
How to turn off Windows Defender using Group Policy
Launch the Group Policy Management console. Right click on the domain and click Create a GPO in this domain and link it here. Provide a name to the GPO. Click OK.
Once the policy is created, right click on the policy and click Edit. This will bring up the Group Policy Management Editor. Navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender.
Look for the policy setting “Turn Off Windows Defender“. Right click on the policy setting and click Edit.
On the Turn off Windows Defender policy setting, click Enabled. This policy setting turns off Windows Defender. Click OK and close the Group policy management console.
On the client machine, we now see that group policy has been applied. When the user tries to open Windows Defender, it shows a box stating This application is turned off by group policy. In case you want to enable the windows defender, edit the policy and simply change the same policy’s status from Enabled to Not Configured or Disabled.