Enabling ‘Do not connect to any Windows Update Internet Locations GPO’ disabled Defender auto updates
Question
Currently we have the below Policies enabled as per RSOP GPO entries:-
- “Admin Templates\Windows Components\Windows Defender Antivirus\Signature Updates\Allow definition updates from Microsoft Update = enabled”
- “Admin Templates\Windows Components\Windows Update\Do not connect to any Windows Update Internet Locations = enabled”
- WUfB Rings have been removed
- WSUS intranet content location has been enabled via GPO
Our requirement is to deploy Windows 10 monthly and feature updates only from SCCM/WSUS and not from the Internet. But at the same time, we need to enable automatic updates for Windows Defender from the Internet. We have a co-managed environment. Need your suggestions please.
Answer ( 1 )
I don’t have an answer about the Group Policy.
But I'm not sure whether you have already slid the “Endpoint protection” workload to Intune? That might help.
https://docs.microsoft.com/en-us/mem/configmgr/comanage/workloads#endpoint-protection