Windows Server 2016 comes standard with Windows Defender, just like Windows 10. And per default, Windows Defender is active and has also turned on Real-Time Protection by default. In Windows Server 2016 Desktop Experience you can disable and configure Windows Defender using the UI or PowerShell, in the Windows Server 2016 Core version or on Nano Server you only have PowerShell available. This article will cover some handy PowerShell commands to disable or configure Windows Defender in Windows Server 2016.
Enabling/Disabling
Disable real-time protection:
Set-MpPreference -DisableRealtimeMonitoring $trueEnable real-time protection:
Set-MpPreference -DisableRealtimeMonitoring $falseSetting Exclusions
Add a path-based exclusion:
Set-MpPreference -ExclusionPath "C:\temp", "C:\VMs", "C:\NanoServer"Add a process-based exclusion:
Set-MpPreference -ExclusionProcess "vmms.exe", "Vmwp.exe"Verifying
Check current state of all options:
Get-MpPreferenceThese will also work for configuring Windows Defender using PowerShell on Windows 10.