Turn on definition retirement

This policy setting allows you to configure definition retirement for network protection against exploits of known vulnerabilities. Definition retirement checks to see if a computer has the required security updates necessary to protect it against a particular vulnerability. If the system is not vulnerable to the exploit detected by a definition, then that definition is "retired". If all security intelligence for a given protocal are retired then that protocol is no longer parsed. Enabling this feature helps to improve performance. On a computer that is up-to-date with all the latest security updates, network protection will have no impact on network performance.

If you enable or do not configure this setting, definition retirement will be enabled.

If you disable this setting, definition retirement will be disabled.

Supported on: At least Windows Server 2012, Windows 8 or Windows RT

Registry PathSoftware\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS
Value NameDisableSignatureRetirement
Enabled Value0
Disabled Value1


Administrative Templates (Computers)

Administrative Templates (Users)