Configure Malwarebytes for Windows server roles

Document created by jyamada Employee on Apr 11, 2018Last modified by jgolomb on Nov 2, 2018
Version 7Show Document
  • View in full screen mode

This article applies to the Malwarebytes on-premises corporate solution Malwarebytes Endpoint Security and cloud-based corporate solution Malwarebytes Endpoint Protection.

 

Malwarebytes supports all stock Windows Server Operating Systems from 2008 through 2016 and variants thereof, all in our real-time protection modules; Web Protection, Anti-Exploit, Anti-Malware, Anomaly Detection, and Anti-Ransomware.

 

However, some protection modules should not be enabled for specific Server Roles. The following Malwarebytes recommended configurations should be applied to these Server Roles, as other configurations have been found to cause conflict or performance issues. Malwarebytes continues improving its protection modules every day and will update the below guidance as new versions are released and tested.

 

Windows Server RoleMalwarebytes Recommended Configuration
Internet Information Server or other Web Server

Web Protection – supported but not recommended

Anti-Exploit – supported

Anti-Malware 1.x – supported

Anti-Malware 3.x – supported

Anomaly Detection – supported

Anti-Ransomware - supported
Exchange Server or other SMTP server role

Web Protection – supported but not recommended

Anti-Exploit – supported

Anti-Malware 1.x – supported

Anti-Malware 3.x – supported

Anomaly Detection – supported

Anti-Ransomware - supported
RDP or terminal services

Web Protection – supported

Anti-Exploit – supported

Anti-Malware 1.x – NOT supported

Anti-Malware 3.x – supported

Anomaly Detection – supported

Anti-Ransomware - supported
VDI (Citrix, vmware, etc...) or other virtualized environments

Web Protection – supported

Anti-Exploit – supported

Anti-Malware 1.x – NOT supported

Anti-Malware 3.x – supported

Anomaly Detection – supported

Anti-Ransomware – NOT supported (1)

 

(1) The Anti-Ransomware protection module is currently disabled for all Windows Servers in the cloud-based console and will be available again with the introduction of the new Windows Server OS tab in the configuration Profile where customers will be able to fine-tune real-time protection per server role.

Attachments

    Outcomes