Using best practices with policies
In order for Anti-malware policies to be enforced correctly, you must enable Managed Definitions to deploy Microsoft anti-malware definitions through Tanium. If your endpoints have Windows 7 or older, enable SCEP. (Settings > Anti-Malware)
With Enforce, do not manage Windows Firewall with Group Policy Management Editor. In order for firewall policies created under Enforce to take effect, the Group Policy Firewall setting must be set to Not configured.
Last updated: 9/16/2020 11:15 AM | Feedback