Level 6
Hi All

There's something I've been thinking about recently that I would like to ask the forum for your opinions.

I run a lab at home with about 30 Windows Server 2016 servers. They all have Windows Defender installed and I have a Group Policy which enables/configures certain features like Cloud Based Protection. I never ever browse the internet from any of these servers (I use my desktop with my SUA account for internet activity) and I don't share my servers with anyone else.

What I was wondering is:

To free up memory on my cluster and to reduce disk IO I was thinking of uninstalling Windows Defender on Windows Server 2016 using Powershell as follows:

Remove-WindowsFeature Windows-Defender, Windows-Defender-GUI

Now obviously this would mean I would have no AV/malware on these test servers but since I don't browse the internet from any of these machines the risk should be minimal (note I said minimal as I do accept having no AV has its risks/downside which I accept).

I may keep Defender installed on some servers that have ports open from the internet like my mail gateway (anti spam etc) but besides this I can't think of any other reason to keep Defender installed. All servers are behind a pfsense firewall in different VLANs and have tight firewall rules controlling traffic between them.

I don't have any kind of third party AV/anti malware installed. Everything I download gets checked on my desktop before copying to any of my test servers.

Good idea to uninstall Defender? Bad idea to uninstall Defender?