Windows Defender Built into the Next Version of Windows Server

The next version of Windows Server comes with Windows Defender built in and installed by default.

Rod Trent

November 4, 2014

2 Min Read
Windows Defender Built into the Next Version of Windows Server

Windows Defender, Microsoft's long-standing malware protection component of the Windows client, will now come as a default installation of the next version of Windows Server.

The next version of Windows Server is currently in Technical Preview, and those that have it installed for testing might not immediately be aware that Windows Defender is running. Windows Defender is installed and running by default and can only be recognized through a glance through the running services. In this version for Windows Server, Microsoft decided to simply install the service without also supplying the interface required to view and manage the service. Who needs a UI on a server, right?

The UI can be installed, you just need to go through the Add Roles and Features Wizard or install it using the standard PowerShell command Install-WindowsFeature. Microsoft's intent for not including the UI by default was to allow administrators to manage the server using WMI, PowerShell, or Group Policy instead. In addition, if you want to use a different product for antimalware services, or just want to uninstall Windows Defender for Windows Server, you'll have to use the aforementioned options to accomplish it.

The PowerShell cmdlets for Windows Server haven't changed since released for Windows Server 2012 R2 and Windows 8.1. The same cmdlets are utilized for the next version of Windows Server, though I expect new functionality will be added over time. The full set of PowerShell cmdlets for Windows Defender are:

  • Add-MpPreference – modify settings

  • Get-MpComputerStatus – shows status of Defender

  • Get-MpPreference – shows current Defender preferences

  • Get-MpThreat – shows the threat history

  • Get-MpThreatCatalog – shows known threats

  • Get-MpThreatDetection – shows history of threats detected by Defender

  • Remove-MpPreference – configures exclusions and default actions

  • Remove-MpThreat – removes active threats

  • Set-MpPreference – configures scans and updates

  • Start-MpScan – initiates a scan

  • Update-MpSignature – forces a signature file update

Just like the Windows client version, Windows Defender for Windows Server requires a connection to Windows Update to get update antimalware definitions, so the Windows Update service must be constantly running. During the Technical Preview, these updates are not downloaded and installed automatically, which is a bit strange. And, just like the Windows client version, you have to jump into the Windows Update component in Control Panel to adjust the settings, again, like the client piece, choosing to install automatically or download and notify for installation.

The following services are required to be running for Windows Defender for Windows Server to operate correctly:

  • Windows Defender Service

  • Windows Defender Network Inspection service

  • Windows Error Reporting service

  • Windows Firewall

  • Windows Update service

About the Author(s)

Rod Trent

Rod Trent

See more from Rod Trent
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

cybersecurity operator or hacker works with data in dark room
IT Security
Master AI Cybersecurity: Protect and Enhance Your NetworkMaster AI Cybersecurity: Protect and Enhance Your Network
byBrien Posey
May 21, 2024
5 Min Read
business person stamping a document
IT Operations
How to Get Executive Buy-In for IT ProjectsHow to Get Executive Buy-In for IT Projects
byChristopher Tozzi
May 28, 2024
6 Min Read
yellow block stuck in between blue cog wheels
PowerShell
Using ChatGPT as a PowerShell Debugging ToolUsing ChatGPT as a PowerShell Debugging Tool
byBrien Posey
Jun 4, 2024
4 Min Read