Antivirus status per device
View the detected provider, health state, signature age, and last quick and full scan timestamps for every managed endpoint.
Antivirus & endpoint security
Endpoint security, antivirus, and Linux posture from your RMM console
See antivirus status, receive automatic alerts when a threat is detected or antivirus is disabled, run Windows Defender actions on Windows, and review Linux posture in visibility mode.
Windows supports Defender actions. Linux reports firewall, SSH, sudo admins, log provider, and posture risk signals in visibility mode.
Antivirus coverage
Status, threats, Defender actions, and Linux posture in one place.
- Provider, health state, signature age, and last scan timestamps per device.
- Firewall, SSH, sudo admins, log provider, and posture risks in visibility mode.
- Run QuickScan, FullScan, UpdateSignatures, and RemoveThreats directly from the console.
- Email notifications when antivirus is disabled, malware is detected, or a Defender exclusion is added.
Capabilities
What endpoint security includes in Lunixar
Antivirus visibility, Defender actions on Windows, and Linux posture without promising remediation that does not exist yet.
Linux security posture
Review firewall state, SSH configuration, root login, password or public-key authentication, sudo admins, log provider, and posture risk signals on compatible Linux endpoints.
Threats, quarantine, and exclusions
See active threats, allowed threats, quarantined items, and configured exclusions on each Defender-enabled device.
Remote Windows Defender actions
Run QuickScan, FullScan, UpdateSignatures, and RemoveThreats on individual devices from the console. Each action creates a security job with pending → processing → ready or failed status.
Bulk fleet actions
Select multiple online devices and run Defender actions in bulk: update signatures, quick scan, full scan, or remove threats across the fleet.
Antivirus and malware alerts
The platform sends automatic email alerts when antivirus is disabled, when Defender detects active malware, or when a Defender exclusion is added on a device.
Security policy and compliance
Define the expected security state for the tenant and per device. The platform evaluates compliance and surfaces which endpoints are out of policy.
3-step process
Inventory, alert, and action
The agent publishes the antivirus snapshot, the platform persists and notifies, and the operator can act remotely from the console.
1
Agent publishes the snapshot
The Windows agent collects antivirus state — provider, health, signatures, active threats, quarantine, and exclusions — and publishes the snapshot to the platform.
2
Alert on critical condition
If antivirus is disabled, malware is detected, or a Defender exclusion is added, the platform generates the corresponding alert and sends an email notification to enrolled recipients.
3
Remote action from the console
From the device view or the security index, the operator runs the required Defender action. The security job records the execution state and result.
FAQ
Questions about antivirus
What actions can I run on Windows Defender?
You can view protection status and run QuickScan, FullScan, UpdateSignatures, and RemoveThreats directly from the platform.
Does the antivirus module work on Linux?
Linux does not run Windows Defender actions. On compatible Linux endpoints, Lunixar shows security posture in visibility mode: firewall, SSH, sudo admins, log provider, and posture risk signals.
Do I need to install additional antivirus software?
No. The Lunixar agent interacts with Windows Defender already built into the OS. No third-party antivirus solution is required.
Can I see antivirus status across all devices at once?
Yes. The centralized dashboard shows Defender status per device, letting you quickly identify endpoints without active protection.
