Windows 10: Windows Defender Exploit Guard-Network Protection

Applies to:
Windows Server 2019
Windows 10 1809
Windows 10 1803
Windows 10 1709

Windows Defender (WD) Exploit Guard (EG) – Network Protection (NP) extends the malware and social engineering (e.g. Phishing attacks) protection offered by Windows Defender SmartScreen (WD Smartscreen) in Microsoft Edge browser and Microsoft Internet Explorer; Covers 3rd party browsers such as Google Chrome, Mozilla Firefox and other applications to cover network traffic and connectivity (URL and/or IP address reputation) on your Windows 10 and Windows Server 2019 based systems.

In a shorter word, it extends (WD Smartscreen) to 3rd party apps.

Windows Defender Exploit Guard: Network Protection, do I need Windows Defender Antivirus (WD AV)?

The answer is yes, you need WD AV to be enabled.

[What is Windows Defender Exploit Guard – Network Protection?]

Protect your network

Windows Defender Exploit Guard

[So why Windows Defender Exploit Guard: Network Protection?]

Tackling phishing with signal-sharing and machine learning

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Windows Defender Exploit Guard: Reduce the attack surface against next-generation malware

Building Zero Trust networks with Microsoft 365

A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017

Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses

[Test / Deploy WD Exploit Guard: Network Protection]

Enable network protection

Confirm pre-requisites
     Note: Make sure that you are running the latest:

  1. WD AV Platform update
  2. WD AV Engine update
  3. WD AV definition update

Allow the following URL's through proxy or firewall:



Windows Defender Smartscreen reporting and notifications

Use audit mode to test the rule

Testing network protection feature

List of 'attack surface reduction' events such as for WD EG NP:

Use 'custom views' to review in 'Event Viewer' to review WD EG NP:

XML for network protection events

Report a false positive or false negative



P.S. Related blog posts:
Windows 10/Windows Server 2016/Windows Server 2019 Antivirus (AV)

Windows 10: Windows Defender Exploit Guard-Exploit Protection

Windows 10: Windows Defender Exploit Guard-Attack Surface Reduction rules