Category: At least Windows Server 2012, Windows 8 or Windows RT

This policy setting allows you to disable scheduled and real-time scanning for files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair where the name should be a string representation of a path or a fully qualified resource name. As an example a path might be defined as: “c: -> Windows” to exclude all files in this directory. A fully qualified resource name might be defined as: “C: -> Windows -> App. exe”. The value is not used and it is recommended that this be set to 0.

This policy setting allows you to disable scheduled and real-time scanning for any file opened by any of the specified processes. The process itself will not be excluded. To exclude the process use the Path exclusion. Processes should be added under the Options for this setting. Each entry must be listed as a name value pair where the name should be a string representation of the path to the process image. Note that only executables can be excluded. For example a process might be defined as: “c: -> windows -> app. exe”. The value is not used and it is recommended that this be set to 0.

This policy setting controls the load priority for the antimalware service. Increasing the load priority will allow for faster service startup but may impact performance. If you enable or do not configure this setting the antimalware service will load as a normal priority task. If you disable this setting the antimalware service will load as a low priority task.

This policy setting controls whether or not complex list settings configured by a local administrator are merged with Group Policy settings. This setting applies to lists such as threats and Exclusions. If you enable or do not configure this setting unique items defined in Group Policy and in preference settings configured by the local administrator will be merged into the resulting effective policy. In the case of conflicts Group policy Settings will override preference settings. If you disable this setting only items defined by Group Policy will be used in the resulting effective policy. Group Policy settings will override preference settings configured by the local administrator.

This policy if defined will prevent antimalware from using the configured proxy server when communicating with the specified IP addresses. The address value should be entered as a valid URL. If you enable this setting the proxy server will be bypassed for the specified addresses. If you disable or do not configure this setting the proxy server will not be bypassed for the specified addresses.

This policy setting allows you to configure the named proxy that should be used when the client attempts to connect to the network for definition updates and MAPS reporting. If the named proxy fails or if there is no proxy specified the following settings will be used (in order):1. Internet Explorer proxy settings2. Autodetect3. NoneIf you enable this setting the proxy will be set to the specified URL. If you disable or do not configure this setting the proxy will be set according to the order specified above.

This policy setting prevents computers from connecting to both a domain based network and a non-domain based network at the same time. If this policy setting is enabled the computer responds to automatic and manual network connection attempts based on the following circumstances: Automatic connection attempts – When the computer is already connected to a domain based network all automatic connection attempts to non-domain networks are blocked. – When the computer is already connected to a non-domain based network automatic connection attempts to domain based networks are blocked. Manual connection attempts – When the computer is already connected to either a non-domain based network or a domain based network over media other than Ethernet and a user attempts to create a manual connection to an additional network in violation of this policy setting the existing network connection is disconnected and the manual connection is allowed. – When the computer is already connected to either a non-domain based network or a domain based network over Ethernet and a user attempts to create a manual connection to an additional network in violation of this policy setting the existing Ethernet connection is maintained and the manual connection attempt is blocked. If this policy setting is not configured or is disabled computers are allowed to connect simultaneously to both domain and non-domain networks.

This policy setting prevents computers from establishing multiple simultaneous connections to either the Internet or to a Windows domain. By default when this policy setting value is Not Configured it is enabled. If this policy setting is enabled when the computer has at least one active connection to the Internet a new automatic connection attempt to the Internet is blocked. When the computer has at least one active connection to a Windows domain a new automatic connection to the same Windows domain is also blocked. Additional manual connection attempts by users to the Internet or to a Windows domain are not blocked by this policy setting. In circumstances where there are multiple simultaneous connections to either the Internet or to a Windows domain Windows disconnects the less preferred connection when the amount of network traffic over the less preferred connection drops below a certain threshold. For example when a computer is connected to Internet using a Wi-Fi connection and the user plugs in to an Ethernet network network traffic is routed through the faster Ethernet connection and the Wi-Fi traffic diminishes. Windows detects this circumstance and responds by disconnecting the Wi-Fi connection. If this policy setting is disabled multiple simultaneous connections to the Internet to a Windows domain or to both are allowed. If this policy setting value is Not Configured the default policy setting is enabled. This is different than enabling the policy setting with Group Policy however – when the policy setting is Not Configured the policy setting is configurable on the local computer. When the policy setting is applied with Group Policy it is not configurable locally. With the policy setting value of Not Configured new automatic connection attempts are not made and less preferred connections are disconnected.

This policy setting prevents clients from connecting to Mobile Broadband networks when the client is registered on a roaming provider network. If this policy setting is enabled all automatic and manual connection attempts to roaming provider networks are blocked until the client registers with the home provider network. If this policy setting is not configured or is disabled clients are allowed to connect to roaming provider Mobile Broadband networks.

This policy setting specifies that power management is disabled when the machine enters connected standby mode. If this policy setting is enabled Windows Connection Manager does not manage adapter radios to reduce power consumption when the machine enters connected standby mode. If this policy setting is not configured or is disabled power management is enabled when the machine enters connected standby mode.