How to Disable Network Discovery on Public Profiles via PowerShell
🔍 WiseChecker

How to Disable Network Discovery on Public Profiles via PowerShell

by

Quick fix: Run Set-NetFirewallProfile -Profile Public -Enabled True; Get-NetFirewallRule -DisplayGroup “Network Discovery” | Where-Object Profile -like “*Public*” | Disable-NetFirewallRule in elevated PowerShell. Network discovery is now off on every Public profile network the PC connects to.

You want public-network protection: when on coffee shop Wi-Fi, hotel networks, or any untrusted connection, your PC shouldn’t advertise itself or browse the network. Windows’ Public profile defaults are reasonable but Network Discovery may still be partially enabled.

Symptom: You want to ensure network discovery is fully disabled on Public network profiles via PowerShell.
Affects: Windows 11 (any edition).
Fix time: 3 minutes.

ADVERTISEMENT

Method 1: Disable via PowerShell firewall rules

  1. Open elevated PowerShell.
  2. Run:

    Get-NetFirewallRule -DisplayGroup “Network Discovery” | Where-Object Profile -like “*Public*” | Disable-NetFirewallRule
  3. Verify: Get-NetFirewallRule -DisplayGroup “Network Discovery” | Where-Object Profile -like “*Public*” | Select-Object DisplayName, Enabled

Method 2: Disable via Settings

  1. Settings → Network & internet → Advanced network settings → Advanced sharing settings.
  2. Expand Public networks.
  3. Toggle Network discovery off.
  4. Toggle File and printer sharing off.

ADVERTISEMENT

Method 3: Group Policy for fleet

  1. gpedit.msc → Computer Configuration → Windows Settings → Security Settings → Network List Manager Policies.
  2. Set unidentified networks to Public.
  3. Set User Permissions to disallow changing location.

Verification

  • Connect to a Public-profile network.
  • Open File Explorer → Network. Other devices don’t appear (your PC also doesn’t broadcast).
  • Test-NetConnection <your-public-IP> -Port 445 from another device on the same network — fails (file sharing blocked).

If none of these work

If devices still discover yours, check whether mDNS/Bonjour is running (some apps install Bonjour for cross-platform discovery). Disable the Bonjour service if not needed. For chronic public-network exposure concerns, use a VPN to tunnel through trusted infrastructure regardless of the local Wi-Fi.

Bottom line: One PowerShell command disables network discovery on all Public profiles. Combine with the Settings UI for the full sharing-off picture.

ADVERTISEMENT

← Back to WiseChecker HomeMore in Windows & PC

🔍 Recommended for You