ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Running Windows Defender in Passive mode along with SEP

book

Article ID: 237007

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

When attempting to enable Windows Defender in passive mode, Symantec Endpoint Protection (SEP) disables it after the group policy updates.

Cause

By default, SEP will disable Defender to avoid conflict.  It does this via local group policy. The SepWscSvc service registers SEP with the Windows Security Center (WSC) and is also responsible for disabling Windows Defender.

Environment

Release :SEP 14.x

Component :SepWscSvc

Resolution

To prevent SEP from disabling Windows Defender, enable it via Domain Group Policy.  Domain GPOs will take precedence over local GPOs and prevent SEP from disabling Defender.

 

Attachments