Microsoft introduced Windows Defender Application Guard for Microsoft Edge on Windows 10 just yesterday at Ignite 2016. Today, the company dived deep into Windows Defender Application Guard for Edge on a blog post, detailing how the feature actually works.
When users enable Application Guard for Microsoft Edge on Windows 10, it’ll work automatically when they visit a site that isn’t trusted. Once Application Guard is activated, you’ll notice an indicator on the title bar of Edge, which shows that the feature is enabled. Application Guard blocks a website from accessing the local storage, memory, installed apps, and corporate network endpoints — securing the user from any kind of attacks. For this to work, Microsoft is actually isolating sites that aren’t trusted in a different instance of Windows (made possible by Hyper-V) with a separate copy of the kernel — which means it won’t have any access to the main OS environment.
Users can also add trusted websites on Edge, which will prevent Application Guard from automatically starting. Here’s a video where Microsoft takes a quick look at Application Guard:
It is worth noting that Application Guard will render websites exactly like they render on the “default” mode on Edge — so if you are a web developer, you don’t have to worry about supporting Application Guard on your sites.
Application Guard for Microsoft Edge should be available with the next major update for Windows 10, codenamed as “Redstone 2” and we expect it to arrive sometime next year.