Windows’ built-in antivirus, Defender Antivirus, only scans your computer’s local drives by default. With the help of a group policy, however, you can have the tool also monitor the active shares on other computers in your network.
Monitor network shares with Defender
To do this, open the group policy editor by entering gpedit in the search field on the taskbar and in the next step in the hit list click on “Edit group policy”. Attention: The editor is only included in the Windows versions Pro, Enterprise and Education, but not in Windows 10 Home. Follow the path “Computer configuration -› Administrative templates – ›Windows components -› Microsoft Defender Antivirus ”and then open the“ Scan ”folder. There you will find the setting “Run a full scan on mapped network drives”. Double-click this, also mark the option “Activated” and close the window with “OK”.
In the group policies of Windows 10 you will find a special setting with which you can extend the scan runs of the Defender virus scanner integrated in Windows to the connected network shares. This also allows external storage
Please note one thing: In principle, it makes more sense if the security of shares is monitored by the computer on which they are located. Because this avoids unnecessary network traffic. If Windows 10 is installed on the computer with the shares, then it protects the corresponding folder with its own Defender. Even systems with older Windows versions on which anti-virus protection from a third-party manufacturer is already set up do not require any additional scans by Defender. Activation is useful, however, if you do not want to install anti-virus software on an older PC with slow hardware.
In this window, select the “Enabled” option to extend the protection of the Windows 10 antivirus program to the network shares.
Network tuning in Windows 11 – this is how it works