Top

Upcoming Feature: Huntress Recommended Managed AV Defaults

This article lists all of the Huntress recommended defaults in the Managed AV Dashboard. 

Related Articles

Huntress Recommended Defaults is  an upcoming feature created to streamline the configuration of best-practice Defender policies by automatically applying default settings recommended by Huntress. This article details the Huntress Recommended default settings. You can navigate to the related Microsoft documentation by clicking the hyperlinked setting. 

About Huntress Recommended Defaults

Color Legend:

Huntress Recommended Defaults are the recommended Defender settings chosen by Huntress to provide a secure foundation for your configuration. 

These recommended settings can be easily applied by inheriting them at the Account level. You can also customize these settings by simply overriding at the Account, Organization, or Host levels. For more information on inheritance, please see https://support.huntress.io/article/308-managed-av-beta-interface-basic-settings#inheritance.

What will change?  

In the current version of Managed AV configuration policy, all settings default to Use System Default at the Account level, which adopts the existing Microsoft Defender default that applies to each endpoint. This feature replaces these defaults and actively sets a Huntress Recommended Default setting depending on best practice AV configuration at the Account level. If an override (or a change from Use System Default) is already configured at the Account, Organization, or Host level, this override will be preserved.  

For partners who are in Audit Mode, this will only update the configuration policy for Managed AV but will not modify any agents. 

For partners who are in Enforce Mode, Huntress Recommended Defaults will take the place of "Use System Default" at the Account level. See the table below to understand what settings may change. You can always override any Huntress Recommended Settings at the Account level if desired for your Account or organization. 

What are the settings?

Defender Default
Huntress Default
Microsoft Article
Setting
Client Interface
 Suppress all notifications Disabled Disabled Suppress all notifications
 Enable Headless UI Mode Disabled Disabled Enable Headless UI Mode
Exclusions
 Path Exclusions No action No action Path Exclusions
 Extension Exclusions No action No action Extension Exclusions
 Process Exclusions No action No action Process Exclusions
Network Inspection System
  Turn on definition retirement* Enabled Enabled -
 Turn on protocol recognition* Enabled Enabled -
Quarantine
 Configure removal of items from Quarantine folder* Disabled Disabled Configure removal of items from Quarantine folder
Scanning
 Turn on catch-up quick scan Disabled Enabled Turn on catch-up quick scan
 Specify the time for a daily quick scan 2 am local time 2 am local time Specify the time for a daily quick scan
 Turn on catch-up full scan Disabled Enabled Turn on catch-up full scan
 Specify the day of the week to run a scheduled scan Never Thursday Specify the day of the week to run a scheduled scan
 Specify the time of day to run a scheduled scan 2 am local time 2 am local time Specify the time of day to run a scheduled scan
 Start the scheduled scan only when the computer is on but not in use Enabled Enabled Start the scheduled scan only when the computer is on but not in use
 Specify the maximum percentage of CPU utilization during a scan 50% 20% Specify the maximum percentage of CPU utilization during a scan
 Check for the latest virus and spyware security intelligence before a scan Disabled Enabled Check for the latest virus and spyware security intelligence before a scan
 Specify the scan type to use for a scheduled scan Quick Scan Full Scan Specify the scan type to use for a scheduled scan
 Scan archive files* Enabled Enabled Scan archive files
 Scan network files* Enabled Enabled Scan network files
 Scan packed executables* Enabled Enabled Scan packed executables
Scan removable drives* Enabled Enabled Scan removable drives

* These settings are enforced and cannot be changed from the Huntress default configuration to maintain best-practice configuration and compliance. Please send any feedback to support@huntress.io.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Need help? Click here to Contact Us Click here to Contact Us