What Is Windows Defender Application Guard?

The Windows Defender Application Guard for Edge is designed to protect your system from malware and zero-day attacks. When enabled, the feature works by creating a new instance of the Edge browser. The new instance is created on the hardware level using Hyper-V with its own kernel and all the required elements for the Edge browser to run normally. Simply put, when using Edge with Application Guard, you will be running a separate copy of Windows within Windows that has no access to the normal user operating environment. Since the new instance of Edge is completely isolated on the hardware level, the attacker or the infected website or service cannot harm your system or data. You can find out more about how the Application Guard works from the Edge Dev Blog. A few things to know:

Your processor should support virtualization. Without hardware virtualization support, you cannot use Application Guard. The Windows Defender Application Guard is only available for Windows 10 Pro users. If you are using the Home version, then the feature is not available to you. Also, you need have the April 2018 update (v1803) installed. If you are not sure, press Win + R, type winver and press Enter. You will see the Windows 10 version number on the second line. It should be 1803 or higher. You can ignore the OS Build number.

Using Edge Application Guard on Windows 10

To enable Edge Application Guard, you have to turn on the Windows Defender Application Guard.

  1. Search for “Turn Windows features on or off” in the Start menu and open it. This is where you can enable the Windows 10 optional features.

  2. Scroll all the way to the bottom, find the option “Windows Defender Application Guard,” select the checkbox next to it and click on the “OK” button.

Note: if your processor doesn’t support virtualization, the Windows Defender Application Guard will be grayed out. 3. Windows will apply the change and ask you to restart the system. Click on the “Restart Now” button to continue.

  1. After restarting, launch the Edge browser. To use Edge with Windows Defender Application Guard, open the Settings menu (three horizontal dots) appearing on the top-right corner and select the option “New Application Guard window.”

  2. As soon as you click on the option, Windows 10 will launch another instance of Edge with Application Guard. The instance is clearly marked with the bright-red “Application Guard” button in the title bar.

Because of the restrictions placed  by the Application Guard on the Edge browser, all the extensions will be disabled in the new instance. You will also lose access to features like page pinning, developer tools, casting, read aloud, etc. The normal Edge browser will not be affected, though. That being said, you can still perform basic actions like copy and paste, printing, etc. If you want to disable Edge Application Guard, open Windows Features just as in the first step, uncheck the checkbox next to “Windows Defender Application Guard” and save the changes. Hope that helps. Comment below sharing your thoughts and experiences regarding using the Edge Application Guard feature in Windows 10.