Edge Application Guard Isolates Untrusted Sites

• For additional information on Application Guard please check our latest report: “Managing Application Guard for Office.” 

Windows Defender Application Guard for Microsoft Edge uses Windows Hyper-V virtualization technology to isolate the Edge browser when loading untrusted sites. By loading untrusted sites into a browser running in an isolated environment, malware cannot get to the Windows OS. However, the technology relies on organizations maintaining trusted site lists, and, like Windows Defender Advanced Threat Protection, it will only be available in future releases of the Enterprise editions of Windows 10.

Application Guard Browsing

A user with Windows 10 Enterprise edition and Application Guard, browsing to a site trusted by the user’s organization, will run the Edge browser on the Windows 10 host environment, just as all Edge browser users do today.

In contrast, a user browsing to a nontrusted site will run the Edge browser in an isolated virtual environment that should largely be transparent to the user. This Hyper-V hardware virtualization-based environment contains only the Windows kernel and a minimum set of the Windows platform services to run the browser. In this virtualized environment, Edge will not have access to Windows 10 host memory, local storage, other installed applications, corporate network endpoints, or any other resources that might be vulnerable to malicious software attacks.