To enroll devices in Microsoft Defender, follow the steps below.
- In the Intune admin center. go to Endpoint Security > Antivirus
- Two policies are meant for Intune-managed devices
- Intune-DefenderAV-Baseline - Configuration of Defender malware protection (scans / detection methods / etc.)
- Intune-Defender-Experience - Controls how Defender can be accessed / managed by end users
-Using Intune-DefenderAV-Baseline as an example-
Below you'll see the device groups to which the Intune Defender malware protection baseline profile has been applied. To include your device, simply include it in your campus device group. It will take some time for the profile to be applied to endpoint.
NOTE: You should have removed Trend Micro Apex one & Endpoint Security from your device before enrolling into Defender. Failure to do so may result in odd behavior between the two malware protection solutions. You must also reboot at least once between removing Trend Micro products and transitioning to Defender.