After installing the SEP (Symantec Endpoint Protection) or Symantec Endpoint Security (SES) 14.x client on Windows Server 2016, Windows Defender is still turned on and may interfere with SEP's ability to protect the system.
SEP/SES 14.x or later installed on Windows Server 2016.
Windows Server 2016 does not offer a Security Center that SEP/SES has historically used to properly disable Windows Defender.
Please see the following Microsoft articles on managing Windows Defender AntiMalware.
Microsoft Defender Antivirus compatibility with other security products