Enable Windows Defender Application Guard in Windows 10

How to Enable Windows Defender Application Guard in Windows 10

Application Guard - @SeniorDBA

Windows Defender Application Guard is an extra security feature of Windows 10 that rolled out more than 3 years ago. When enabled, it implements a sandbox for the built-in web browsers in Windows 10, Edge and Internet Explorer. Windows Defender Application Guard for Microsoft Edge is a lightweight virtual machine that helps isolate potentially malicious website activity from reaching your operating systems, apps, and data.

Three core features of Windows Defender Application Guard:

  • Isolated Browsing – Windows Defender Application Guard uses the latest virtualization technology to help protect your operating system by creating an isolated environment for your Microsoft Edge session.
  • Help Safeguard your PC – Windows Defender Application Guard starts up every time you visit a website that isn’t  work-related to help keep potentially malicious attacks away from your PC.
  • Malware Removal – Any websites you visit, files you download, or settings you change while in this isolated environment are deleted when you sign out of Windows, wiping out any potential malware.

Windows Defender Application Guard uses Hyper-V virtualization technology to provide protection against targeted threats. It adds a special virtual layer between the browser and the OS, preventing web apps and the browser from accessing the actual data stored on the disk drive and in memory.

Prior to Windows 10 build 17063, the feature was exclusively available to Enterprise editions of Windows 10. Now, the feature is available to Windows 10 Pro users.

If you are running Windows 10 Pro build 17063 and above, you can try it in action.

To enable Windows Defender Application Guard in Windows 10:

  1. Press the Win + R keys to open Run and type optionalfeatures.exe into the Run box.                                Optionalfeatures @SeniorDBA
  2. Find Windows Defender Application Guard in the list and check the box next to it.Application Guard - @SeniorDBA
  3. Wait for the installation to finish and restart Windows 10.

The system requirements for Windows Defender Application Guard are as follows:

  • Windows 10 Professional, Build: 17053 (or later);
  • Minimum 8 GB RAM;
  • PC must support Hyper-V virtualization; (Check BIOS)
  • Windows Defender Application Guard is Off by default, it must be enabled manually or by policy

How to Use Windows Defender Application Guard

  1. Open Edge and click on the menu (…) in the top right corner.
  2. Click on “New Application Guard window” in the menu.Application Guard - @SeniorDBA
  3. You will see the protected instance open with Windows Defender Application Guard enabled.

If you run into issues, see Microsoft Help.

One thought on “Enable Windows Defender Application Guard in Windows 10”

  1. Pingback: Securing Windows 10 – Technology News and Information by SeniorDBA

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.