Windows Server Anti-Malware is installed and enabled by default in Windows Server 2016 Technical Preview, but the user interface for Windows Server Anti-Malware is not installed. However, Windows Server Anti-Malware will update anti-malware definitions and protect the computer without the user interface. If you need the user interface for Windows Server Anti-Malware, you can install it after the operating system installation by using the Add Roles and Features Wizard, or from the power shell command:
Should your organization already have a 3rd party malware solution and want to avoid any potential conflicts, you can uninstall through the power shell with the following command:
When using this feature, it’s helpful to submit samples to Microsoft to help their researchers analyze suspicious activities so the definitions remain up to date.
Enable automatic sample submission
- To enable automatic sample submission, start a Windows PowerShell console as an administrator, and set the SubmitSamplesConsent value data according to one of the following settings:
- 0 Always prompt. The Windows Defender service prompts you to confirm submission of all required files. This is the default setting for Windows Defender, but is not recommended for Windows Server 2016 Technical Preview installations without a GUI.
- 1 Send safe samples automatically. The Windows Defender service sends all files marked as “safe” and prompts for the remainder of the files.
- 2 Never send. The Windows Defender service does not prompt and does not send any files.
- 3 Send all samples automatically. The Windows Defender service sends all files without a prompt for confirmation