Show advanced configuration options

If you select Show advanced configuration options, two additional configuration options appear in the configuration dialogs of the Windows Defender Antivirus and Windows Security nodes, which are invisible otherwise.

The example shows the dialog for the e-mail scan settings:

 

These configuration options provide the following benefits:

• Do not change existing setting on agent

  If a setting is already applied to the agent, DriveLock will not change it.

  In contrast to Not configured, DriveLock does not change such a setting, regardless of whether it is set in another assigned DriveLock policy or not. This applies to policies that come before this policy in the order of assignment.

  Example:

  You want to apply specific Defender settings to all DriveLock Agents. Create a DriveLock policy with the appropriate settings and assign them to your agents. You want to allow one department to configure some of these settings independently (e.g., via Group Policy, manually or with another external tool). To avoid having to copy the entire policy and only change these few settings, you can create a new policy and set the relevant settings in this policy to Do not change existing setting on agent. Assign this new policy to the agents so that it appears after the existing Defender policy.

• Delete existing setting on agent

  If you specify this value for a Defender setting from the Windows Defender Antivirus node, the Defender setting is deleted from the DriveLock Agent. The Defender will then use its default setting.

  This option can be compared to the Clear existing Microsoft Defender configuration setting, except that it is used for a single setting, while Clear existing Microsoft Defender configuration will clear all settings.