On newly deployed machines, Defender is registering as the primary AV provider with enSilo (FortiEDR) installed alongside. On older machines that are in use, we were previously using Trend Micro OfficeScan. If I remove OfficeScan, enSilo registers as the primary AV. I found a reference in the release notes for 4.2 that says enSilo registering as the AV in Security Center was introduced in 4.0. As a workaround, it says you can "remove FortiEDR’s AV registration with Microsoft Security Center". I can't find ANY instruction on how to do this. How do I get enSilo to unregister and allow Defender to show as the AV provider? I tried removing and reinstalling enSilo, but it registers itself again as the AV provider.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hii,
To get rid of FortiEDR's AV registration from Microsoft Security Centre and have Defender show up as the AV provider, follow the instructions below:
1. You may open the Registry Editor by pressing Windows Key + R, typing "regedit," and then pressing Enter.
2. Navigate to the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider
3. You may see a list of subkeys for various AV providers in the left pane. To find the subkey for enSilo or FortiEDR, look for it. Depending on the individual installation, the name could change.
4. To delete an enSilo or FortiEDR subkey, choose "Delete" from the context menu. When asked to confirm the deletion, do so.
5. Registry Editor should be closed.
6. To make sure the modifications take effect, restart your computer.
These actions should prevent Microsoft Security Centre from identifying enSilo or FortiEDR as the main AV provider in the future. Then Windows Defender must designate itself as the AV provider.
Please be aware that improper registry modification might have negative effects. Before making any changes, you should exercise caution and make a backup of your registry. It's advised to ask your IT department for help or consult a competent person if you're unclear or uncomfortable making changes to the register.
I hope that this would enable you to solve your issue.
Hi there,
Removing FortiEDR AV registration with Microsoft Security Center can be done by following a few steps. First, open the Windows Security app on your machine. Then, navigate to the "Virus & threat protection" section and click on "Manage providers." From there, you should be able to see a list of installed AV providers. Locate enSilo (FortiEDR) and disable or remove it from the list. This should allow Windows Defender to become the primary AV provider. If you encounter any difficulties, it's advisable to consult the documentation or support resources provided by FortiEDR Welding Trends for further assistance. Best of luck!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1679 | |
1085 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.