You can deploy antimalware policies to collections of Microsoft System Center 2012 Configuration Manager client computers to specify how Endpoint Protection protects them from malware and other threats. These antimalware policies include information about the scan schedule, the types of files and folders to scan, and the actions to take when malware is detected. When you enable Endpoint Protection, a default antimalware policy is applied to client computers. You can also use additional policy templates that are supplied or create your own custom antimalware policies to meet the specific needs of your environment.

Configuration Manager supplies a selection of predefined templates that are optimized for various scenarios and can be imported into Configuration Manager. These templates are available in the folder <ConfigMgr Install Folder>\AdminConsole\XMLStorage\EPTemplates.
If you create a new antimalware policy and deploy it to a collection, this antimalware policy overrides the default antimalware policy.

Use the procedures in this topic to create or import antimalware policies and assign them to System Center 2012 Configuration Manager client computers in your hierarchy.

Before you perform these procedures, ensure that Configuration Manager is configured for Endpoint Protection as described in Configuring Endpoint Protection in Configuration Manager.

To modify the default antimalware policy

To create a new antimalware policy

To import an antimalware policy

To deploy an antimalware policy to client computers

List of Antimalware Policy Settings

Many of the antimalware settings are self-explanatory. Use the following sections for more information about the settings that might require more information before you configure them.

Scheduled Scans

Scan Settings

Default Actions

Real-time Protection

Exclusion Settings

Threat Overrides

Definition Updates

See Also