Configure Malwarebytes Endpoint Protection Windows server roles

Document created by jgolomb Employee on Dec 26, 2018Last modified by jyamada on Jan 23, 2019
Version 2Show Document
  • View in full screen mode

Malwarebytes Endpoint Protection supports all stock Windows Server Operating Systems from 2008 through 2016 and variants thereof, all in our real-time protection modules; Web Protection, Anti-Exploit, Anti-Malware, and Behavior Protection.

 

However, some protection modules should not be enabled for specific Server Roles. The following Malwarebytes recommended configurations should be applied to these Server Roles, as other configurations have been found to cause conflict or performance issues. Malwarebytes continues improving its protection modules every day and will update the below guidance as new versions are released and tested.

 

Windows Server RoleMalwarebytes Recommended Configuration
Internet Information Server or other Web Server

Web Protection – supported but not recommended

Anti-Exploit – supported

Anti-Malware 3.x – supported

Behavior Protection - supported
Exchange Server or other SMTP server role

Web Protection – supported but not recommended

Anti-Exploit – supported

Anti-Malware 3.x – supported

Behavior Protection - supported
RDP or terminal services

Web Protection – supported

Anti-Exploit – supported

Anti-Malware 3.x – supported

Behavior Protection - supported
VDI (Citrix, vmware, etc...) or other virtualized environments

Web Protection – supported

Anti-Exploit – supported

Anti-Malware 3.x – supported

Behavior Protection – NOT supported (1)

 

(1) The Behavior Protection module is currently disabled for all Windows Servers in the cloud-based console and will be available again with the introduction of the new Windows Server OS tab in the configuration Profile where customers will be able to fine-tune real-time protection per server role.

Attachments

    Outcomes