Systems Management Question
Excluding a software item from updating
Thanks in advance for the help.
I'm running a K1000 SMA version 10.1.99. I've been asked by the network guys to do something unusual. They have determined that Windows Defender is causing a conflict with one of our software apps. They have created a GPO to turn Defender off. The issue we have is that when KACE updates Defender it turns it back on. Is there a way to take my subscription to Microsoft for updates and somehow filter out Windows Defender? Is there a way to ignore the updates for Defender?
I've been searching the Questions for awhile and I haven't seen anything like that yet.
Answer Chosen by the Author
Yes, put simply you should always create smart labels to group your patches together ready for deployment, simply rebuild those labels to exclude anything that relates to windows defender. You will then be able to deploy all windows updates excluding windows defender.
If at some stage you want to deploy windows defender updates but then disable defender, create smart labels to only have Defender updates and then create a script to disable defender. Put then together in a task chain so the update is deployed then the script run to disable Defender.
If you need any help with any of this, happy to jump on a call just reach out via my email address in my profile