Team: Huntress EDR
Product: Managed Defender Antivirus, Group Policy Objects (Local GPO)
Environment: Managed AV (MAV)
Summary: Huntress MAV utilizes local group policy to set Microsoft Defender preferences.
How does Huntress manage Microsoft Windows Defender?
Huntress' Managed AV feature leverages Local Group Policy to set Defender preferences.
How does Host Isolation work?
Whenever the Host Isolation command is issued by Huntress, the Huntress Agent is tasked to change registry values and Group Policy Objects for the host.
What happens if my machine is Active Directory Domain Joined?
If your machine is joined to an Active Directory Domain, it must have a connection to at least 1 Domain Controller for the policy to be applied. This is a security feature within a domain that requires a "blessing" from a Domain Controller first before a policy is applied. If the machine is off domain, the policy will be applied the next the time machine is able to apply a Group Policy update.
Here's some info from Microsoft on applying Group Policy and how processing works: https://docs.microsoft.com/en-us/previous-versions/windows/desktop/policy/applying-group-policy
What if I have a Home version of Windows?
Windows Home versions do not have Local Group Policy options available and are therefore not compatible with Huntress Managed Antivirus. More on Supported Operating Systems / System Requirements
Comments
0 comments
Please sign in to leave a comment.