Can SEP AutoProtect co-exist with Windows Defender?
search cancel

Can SEP AutoProtect co-exist with Windows Defender?


Article ID: 262613


Updated On:


Endpoint Protection Endpoint Security Complete


You would like to know if the SEP Auto Protect and Windows Defender Real-time protection run together in 14.3 RU7


Release : 14.3 RU7


Location and how to enable it:

SEP 14.3 RU7 - Virus and Spyware policy

SES:Complete - Antimalware Policy

Coexist with Windows Defender (Available in 14.3 RU1 to 14.3 RU1 MP1 and 14.3 RU7 and later.)

When Windows Defender and Symantec Endpoint Protection are both enabled and running on the same computer, the Auto-Protect scan runs after Windows Defender. Auto-Protect can detect any threats that Windows Defender misses.
If Windows Defender is disabled on the client computers, you should disable this option. Otherwise, Auto-Protect continues to run in a delayed state for real-time file system scans, but not for AMSI scans or command-line scans. 

Auto-Protect cannot run in coexistence mode on an endpoint that is protected by a File Based Write Filter (FBWF). These endpoints ignore this option.

Additional Information


NOTE: In some cases to get coexistence to function, it may be required to place Windows Defender into passive mode following steps found in this Microsoft document: