Windows Defender Application Guard, is a module functionality of Windows 10, available to users via Windows Features. The Windows Defender Application Guard (Application Guard) is designed to help prevent malware attacks come through accessing web pages with Microosft Edge. In this way, a company's employees will not endanger sensitive information and documents when sites with intentional malicious content are accessed. Internet browsing become safe and can not be victims of Virus attacks, spyware si malware. Using this feature of Windows, all the hardware resources and the integrity of the Windows 10 operating system are totally protected when accessing web pages. There is virtually no interaction between an open page in Microsoft Edge and a laptop or PC if Windows Defender Application Guard is active.
At company level, the network administrator can enable this feature restrict users' access to sites other than trustworthy and company sites in a pre-defined list. Network users who want to access other sites can do so, but if they use Internet Explorer or Microsoft Edge, these web pages will open in a separate window (Hyper-V), which will be isolated from the rest of the system and with which it will not be able to interact. So if the site you visit will have malicious applications, the attacker will not have any chance of getting to the system files and implicitly to the company data.
Ways of using Windows Defender Application Guard
Computers within a corporate - In this scenario, computers are associated with a domain and are managed by your organization. Managing the configuration is done through System Center Configuration Manager or Microsoft Intune. Employees have standard user privileges and use a corporate network with high bandwidth and wired connectivity.
Laptop service - These laptops are associated with a domain and are managed by the organization. As with computers that have a wired connection, administration is done through System Center Configuration Manager or Microsoft Intune. Employees have standard user privileges.
Personal laptops of employees - These personal laptops do not belong to a domain, but while they are connected to the company's resources, they will be managed by the organization through Microsoft Intune. The employee usually has a laptop administrator. but access can be managed as long as it is connected to the company's network.
Personal devices - And in this scenario, this feature of Windows 10 can be used to protect your sensitive data, char whether the devices are united in a domain or administered by the organization.
Install Windows Defender Application Guard for a personal computer / laptop
We'll show you how to install and access webpages with Windows Defender Application Guard on a personal computer or laptop, leaving aside advanced settings for domains managed by organizations.
So if you want to navigate securely on sites and be sure they can not interact in any way with your operating system, all you have to do is activate the "Windows Defender Application Guard"
1. Open the Start Menu in Windows 10 and type "Windows Features".
2. In "Turn Windows features on or off", Look for and check" Windows Defender Application Guard ", then click" OK "to start the installation process. It requires restart. Click "Restart now" when you are asked to do so.
3. After restarting the operating system, open it Microsoft Edge and open a new window in "New Application Gurad windows". Click on "..." menu to get to this option.
This new window allows you to navigate safely, and any malicious intent interaction between your web page and your PC will be automatically restricted.
You're browsing in Application Guard for Microsoft Edge.
In a future article, we'll show you how to turn Windows Defender Application Guard on by default for a Windows Pro PC or laptop user.