Antivirus Configuration
Antivirus engine
Section titled “Antivirus engine”| Setting | Value |
|---|---|
| Disallowed threat actions | allow, restore |
| Enforcement level | real_time |
| Exclusions merge | admin_only |
| Run a scan after definitions are updated | Enabled |
| Scanning inside archive files | True |
| Threat type (1) | potentially_unwanted_application |
| Action to take (1) | block |
| Threat type (2) | archive_bomb |
| Action to take (2) | block |
| Threat type settings merge | admin_only |
Cloud delivered protection preferences
Section titled “Cloud delivered protection preferences”| Setting | Value |
|---|---|
| Automatic security intelligence updates | Enabled |
| Cloud Block Level | normal |
| Diagnostic collection level | optional |
| Enable / disable automatic sample submissions | Enabled |
| Enable / disable cloud delivered protection | Enabled |
Endpoint Detection and Response (EDR) preferences
Section titled “Endpoint Detection and Response (EDR) preferences”| Setting | Value |
|---|---|
| Enable / disable early preview | Disabled |
Features
Section titled “Features”| Setting | Value |
|---|---|
| Use System Extensions | enabled |
Network protection
Section titled “Network protection”| Setting | Value |
|---|---|
| Enforcement level | block |
Tamper protection
Section titled “Tamper protection”| Setting | Value |
|---|---|
| Enforcement level | block |
| Process’s TeamIdentifier | UBF8T346G9 |
| Process path | /Library/Intune/Microsoft Intune Agent.app/Contents/MacOS/IntuneMdmDaemon |
| Process’s Signing Identifier | IntuneMdmDaemon |
User interface preferences
Section titled “User interface preferences”| Setting | Value |
|---|---|
| Control sign-in to consumer version | disabled |
| Show / hide status menu icon | Disabled |