Disable Windows Defender after installing Workload Security Anti-Malware on Windows Server 2016

When you install the Anti-Malware module for a Deep Security 10.0 Agent on Windows Server 2016, the agent will automatically disable Windows Defender, but not all of the Windows processes related to the Windows Defender service. To do so, you need to reboot Windows Server 2016 after the Workload Security Anti-Malware module installation finishes. The Deep Security Agent will open a Windows message to let you know when to reboot.

The agent will report a computer warning event ("Computer reboot is required for Anti-Malware protection") to Workload Security. This event will remain indefinitely, and will need to be manually dismissed by an administrator.

Installing the Anti-Malware module when Windows Defender is already disabled

If you disable Windows Defender before installing the Workload Security Anti-Malware module, the Deep Security Agent will not open a Windows reboot message. However, you still need to reboot Windows Server 2016 to ensure that Workload Security Anti-Malware functions correctly.