Enabling ‘Do not connect to any Windows Update Internet Locations GPO’ disabled Defender auto updates

Question

Currently we have the below Policies enabled as per RSOP GPO entries:-

  1. “Admin TemplatesWindows ComponentsWindows Defender AntivirusSignature UpdatesAllow definition updates from Microsoft Update = enabled
  2. “Admin TemplatesWindows ComponentsWindows UpdateDo not connect to any Windows Update Internet Locations = enabled”
  3. WUfB Rings have been removed
  4. WSUS intranet content location has been enabled via GPO

Our requirement is to deploy Windows 10 monthly and feature updates only from SCCM/WSUS and not from Internet. But at the same time, we need to enable automatic updates for Windows Defender from Internet. We have Co-managed environment. Need your suggestions please.

solved 1
RajaBoopathy 4 months 1 Answer 132 views Beginner 0

Answer ( 1 )

  1. I don’t have an answer about the Group Policy

    But not sure whether you already slide workload “Endpoint protection” to Intune? That might help

    https://docs.microsoft.com/en-us/mem/configmgr/comanage/workloads#endpoint-protection

    Best answer

Leave an answer

Sorry, you do not have a permission to answer to this question .