HumbleServant
Contributor
Contributor

UEM - How can I use UEM to monitor native / third party antivirus & firewall status?

Hi everyone,

In the Workspace one UEM manual, I saw that "Compliance Policy" should be able to monitor the antivirus & firewall status of enrolled Windows 10 devices.

However when I applied the compliance policy in the devices, turned off the antivirus and firewall, then synced the device. I still saw the status "Compliant" in the web console, no notification was sent to me. May I know what's the issue? Thanks.

Labels (2)
0 Kudos
4 Replies
Noordan
Enthusiast
Enthusiast

Hi,

How is your compliande policy configured? have you enabled the checkbox "mark as not compliant" in the compliance policy?

//Noordan

Tags (1)
HumbleServant
Contributor
Contributor

Hi Noordan,

Thanks for the reply! I have tried to set the 1.Rules for "Antivirus Status" & "Firewall Status" to match any of the condition of "is poor", "is not good" & "is not monitored". The 2.Actions is to send an email to admin. Also I have enabled the checkbox "mark as not compliant".

Since I have both third party firewall and Windows native firewall, I have tried to stop these firewall one by one, and meanwhile re-evaluate the policy. However seems like it still shows "Compliant" in the status.

0 Kudos
Noordan
Enthusiast
Enthusiast

Hi,

And if you check the device detailed page, which status do you see for antivirus there when you have it disabled on the device?

 

0 Kudos
HumbleServant
Contributor
Contributor

Hi,

After disabled everything (Windows native / third parties antivirus, firewall) and waited for a day, I found that antivirus policy works! In the device detailed page, i can see the antivirus policy status is with red cross, and performed the action which is to send an email to admin. However, firewall status still remains unchange, with green tick and no action taken.

0 Kudos