Windows Defender allows offloading of definitions to a network share for VDI environments. This can reduce file copies and downloads in your organization. And will allow you to update your environments AV definitions multiple times a day, with little to no load on the writecache.
Use the following PowerShell scripts to automate this procedure. Just set a scheduled task to run this hourly and your environment will be secured. My recommendation is to set this script up on 2 servers, then use DFS Namespaces to load balance traffic between them for load and redundancy.
To utilize this script, just change the $avpath to where you want the definition files dropped. Utilize this template GPO for non-persistent VDI best practice. You will need to modify the following entry to point to the share that is setup with the AV definitions.
If you wish to offload definitions download for non-vdi, you can use this script to automate this process. Follow the comments included in the PowerShell script for information on setting up the necessary directories. And Scheduled tasks.
hi there,
Just wondering how this is working out for you? About to set up something similar.
Yes, I still use this in my home lab, and at client environments. Works great!