An "Edge Application Guard window" was a special, hardware-isolated browser session in Microsoft Edge, designed to protect your computer from malicious or untrusted websites.
Using Microsoft's Hyper-V virtualization technology, it ran the browser inside a separate, isolated "container," so that a compromise of the browser did not directly become a compromise of the host operating system, its file system, or its credentials.
Important note: Microsoft Defender Application Guard, including the ability to launch an "Edge Application Guard window," has been deprecated and is no longer available in Windows 11, version 24H2, and later. It has been superseded by other security features in Microsoft Edge, such as Enhanced Security Mode, for business and enterprise use cases.
In-depth coverage of Microsoft Defender Application Guard
How it worked: Hardware isolation and Hyper-V
At the core of Application Guard was its use of hardware-based isolation. When you opened an Edge Application Guard window, the system created a lightweight, virtualized environment using Hyper-V. This isolated "container" hosted a separate, temporary instance of Microsoft Edge.
This isolation had several key features:
- Separation from the host: The Application Guard container could not read the host file system, user credentials, or the enterprise resources the policy marked as trusted. It reached the internet through its own virtual network path, so untrusted sites rendered without a direct route to the host or to internal services.
- Throwaway container: By default, when the user closed the window the container and all its contents, including any malware it had picked up, were discarded, so nothing persisted on the device. The one caveat is the persistence policy described below: when an administrator enabled it, browser data such as favorites and cookies survived between sessions.
- Minimalist OS: The container ran only the minimum required Windows components, reducing the attack surface.
Protection against browser-based threats
The primary purpose of Application Guard was to defend against browser-based attacks, which often use social engineering and malicious websites to infect a machine. It addressed the "assume breach" security model, acknowledging that traditional defenses might fail and building a layer of containment to limit the damage.
Key protections included:
- Zero-day attacks: If a website exploited an unknown vulnerability (a zero-day) in the browser, the attacker gained control of the containerized Edge instance only. Reaching the host would have required a second, separate escape from the Hyper-V-based container, which is a much higher bar than a browser bug alone.
- Phishing and malware: Phishing sites or drive-by downloads of malware would be trapped in the container.
- Credential theft: An attacker could not steal corporate credentials, as they were not available within the isolated session.
Standalone mode vs. enterprise-managed mode
Application Guard offered two modes for different user scenarios:
- Standalone mode (Manual): Users could manually open a new Application Guard window from the Edge menu or with the keyboard shortcut Ctrl + Shift + Q. This was useful for personal use or for IT-managed devices where the user wanted to proactively isolate a single browsing session.
- Enterprise-managed mode (Automatic): For enterprise customers, administrators configured policies via Group Policy or Microsoft Intune. The Windows network isolation policies (enterprise cloud resources, private network ranges, and neutral resources) defined which sites were "trusted" (e.g., internal company resources); everything else was "untrusted." Trusted sites opened in the normal host browser, and any navigation to an untrusted site was automatically redirected to an Application Guard window.
Enterprise-level configuration
In enterprise-managed mode, administrators had fine-grained control over the user experience through policies, including:
- Clipboard control: Restricting or allowing copy-and-paste actions between the container and the host.
- Printing: Enabling or disabling printing from the isolated session.
- Persistence: Controlling whether browser data, such as favorites and cookies, could persist between sessions.
- File downloads: Specifying whether files downloaded inside the container could be saved to the host, where they landed in an "Untrusted files" subfolder of the user's Downloads folder rather than anywhere the user chose.
- Camera and microphone access: Allowing or blocking access to hardware.
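The following PowerShell script is an added example, not code from the original article or from Microsoft, showing how the enterprise-managed mode and the per-policy controls above map onto the registry locations that Group Policy writes. The key paths and value names (HKLM\SOFTWARE\Policies\Microsoft\AppHVSI for the Application Guard settings, HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation for the trusted-site definition) and the numeric encodings in the comments are reproduced from memory of the ADMX template and Policy CSP, and are assumptions to verify against the template on a machine that still has the feature. It runs elevated on Windows 10 or Windows 11 builds before 24H2; on 24H2 and later the optional feature is absent and Get-MdagState reports that.

```powershell
# Added example (not from the original article): audit and configure Microsoft Defender
# Application Guard for Edge through its Group Policy registry locations.
# ASSUMPTION: key paths, value names and encodings below are from memory of the ADMX/CSP.
$AppHVSI = 'HKLM:\SOFTWARE\Policies\Microsoft\AppHVSI'
$NetIso  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation'

function Get-MdagState {
    # Is the optional feature present and enabled? Returns NotPresent on 24H2+, where it was removed.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName 'Windows-Defender-ApplicationGuard' -ErrorAction SilentlyContinue
    # Application Guard rides on the same virtualization-based security (VBS) plumbing as
    # Credential Guard; VirtualizationBasedSecurityStatus 2 means VBS is running.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
    [pscustomobject]@{
        FeatureState = if ($feature) { $feature.State } else { 'NotPresent' }
        VbsRunning   = ($dg.VirtualizationBasedSecurityStatus -eq 2)
    }
}

function Set-MdagEnterprisePolicy {
    param(
        [string[]]$TrustedCloudDomains,                       # hosts rendered on the host browser
        [string[]]$PrivateSubnets,                            # IP ranges treated as enterprise network
        [ValidateSet(0, 1, 2, 3)][int]$Clipboard = 1,         # 0 off, 1 container->host, 2 host->container, 3 both
        [ValidateSet(1, 2, 3)][int]$ClipboardType = 1,        # 1 text, 2 images, 3 both
        [int]$Printing = 0,                                   # bit flags: 1 XPS, 2 PDF, 4 local, 8 network
        [switch]$AllowPersistence,                            # keep favorites/cookies between sessions
        [switch]$SaveFilesToHost,                             # allow downloads into Downloads\Untrusted files
        [switch]$AllowCameraMic                               # redirect camera/microphone into the container
    )
    foreach ($key in @($AppHVSI, $NetIso)) { New-Item -Path $key -Force | Out-Null }

    # 1 = enable Application Guard for Microsoft Edge (2 = Office, 3 = both).
    Set-ItemProperty -Path $AppHVSI -Name 'AllowAppHVSI_ProviderSet'         -Type DWord -Value 1
    Set-ItemProperty -Path $AppHVSI -Name 'AppHVSIClipboardSettings'         -Type DWord -Value $Clipboard
    Set-ItemProperty -Path $AppHVSI -Name 'AppHVSIClipboardFileType'         -Type DWord -Value $ClipboardType
    Set-ItemProperty -Path $AppHVSI -Name 'AppHVSIPrintingSettings'          -Type DWord -Value $Printing
    Set-ItemProperty -Path $AppHVSI -Name 'AllowPersistence'                 -Type DWord -Value ([int]($AllowPersistence.IsPresent))
    Set-ItemProperty -Path $AppHVSI -Name 'SaveFilesToHost'                  -Type DWord -Value ([int]($SaveFilesToHost.IsPresent))
    Set-ItemProperty -Path $AppHVSI -Name 'AllowCameraMicrophoneRedirection' -Type DWord -Value ([int]($AllowCameraMic.IsPresent))

    # Trusted-site definition. Everything not listed here is "untrusted" and is redirected
    # into the container. Cloud resources are pipe-separated, subnets comma-separated.
    Set-ItemProperty -Path $NetIso -Name 'CloudResources' -Type String -Value ($TrustedCloudDomains -join '|')
    Set-ItemProperty -Path $NetIso -Name 'DomainSubnets'  -Type String -Value ($PrivateSubnets -join ',')
}

function Get-MdagEnterprisePolicy {
    # Read back what is configured so the result can be compared with the intended baseline.
    $hv  = Get-ItemProperty -Path $AppHVSI -ErrorAction SilentlyContinue
    $ni  = Get-ItemProperty -Path $NetIso  -ErrorAction SilentlyContinue
    [pscustomobject]@{
        EdgeEnabled      = ($hv.AllowAppHVSI_ProviderSet -band 1) -eq 1
        Clipboard        = $hv.AppHVSIClipboardSettings
        Printing         = $hv.AppHVSIPrintingSettings
        Persistence      = [bool]$hv.AllowPersistence
        SaveFilesToHost  = [bool]$hv.SaveFilesToHost
        CameraMic        = [bool]$hv.AllowCameraMicrophoneRedirection
        TrustedDomains   = if ($ni.CloudResources) { $ni.CloudResources -split '\|' } else { @() }
        PrivateSubnets   = if ($ni.DomainSubnets)  { $ni.DomainSubnets  -split ','  } else { @() }
    }
}

# Usage (hypothetical domains and ranges): the most restrictive posture allows only
# container-to-host text paste, no printing, no persistence, no downloads, no camera/mic.
Get-MdagState
Set-MdagEnterprisePolicy -TrustedCloudDomains 'intranet.contoso.com', 'sharepoint.contoso.com' `
                         -PrivateSubnets '10.0.0.0-10.255.255.255' -Clipboard 1 -Printing 0
Get-MdagEnterprisePolicy
```

The design choice worth noting is that every relaxation (persistence, downloads to the host, two-way clipboard, camera and microphone) is a deliberate channel out of the container, so the defaults in the function are the closed position and each opening is an explicit switch the administrator has to turn on. Policies written this way take effect after a Group Policy refresh (gpupdate /force) or an Intune sync rather than immediately.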
Deprecation and replacement
With the shift to Microsoft Edge for Business and the introduction of other, built-in security features, Application Guard was officially deprecated. Starting with Windows 11, version 24H2, the feature is no longer available.
Modern Microsoft Edge now relies on alternative security capabilities to protect users, including:
- Enhanced Security Mode: Hardens the browser's renderer against memory-safety exploitation by disabling just-in-time (JIT) compilation of JavaScript and turning on additional operating-system mitigations for protected sites. It has a Balanced setting (applied to sites the user visits infrequently) and a Strict setting (applied to all sites), with administrator-managed exception and enforcement lists.
- Microsoft Defender SmartScreen: Provides anti-phishing and anti-malware support.
- Data Loss Prevention (DLP): Helps identify, monitor, and automatically protect sensitive data.
- Microsoft Edge for Business: These protections are native to the browser itself rather than relying on a separate virtualization layer.
For organizations that still require container-based isolation, Microsoft recommends alternatives such as Windows Sandbox or Azure Virtual Desktop (AVD).
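As an added example, not code from the original article or from Microsoft, the script below sets the Enhanced Security Mode replacement that the section recommends and checks the result. The Edge policy names used (EnhanceSecurityMode with 0 = off, 1 = Balanced, 2 = Strict; EnhanceSecurityModeBypassListDomains and EnhanceSecurityModeEnforceListDomains as numbered-value list keys; SmartScreenEnabled) and their storage under HKLM\SOFTWARE\Policies\Microsoft\Edge are assumptions from memory of the Edge policy documentation and should be confirmed against the current policy reference; the domains are hypothetical.

```powershell
# Added example (not from the original article): configure Microsoft Edge Enhanced Security
# Mode and SmartScreen by policy, then verify, as the post-Application Guard baseline.
# ASSUMPTION: policy names, values and registry layout are from memory of the Edge policy docs.
$EdgePolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'

function Set-EdgeListPolicy {
    # Edge list-valued policies are stored as a subkey whose values are named "1", "2", ...
    param([string]$Name, [string[]]$Items)
    $key = Join-Path $EdgePolicy $Name
    if (Test-Path $key) { Remove-Item -Path $key -Recurse -Force }   # replace, never merge stale entries
    New-Item -Path $key -Force | Out-Null
    for ($i = 0; $i -lt $Items.Count; $i++) {
        Set-ItemProperty -Path $key -Name ($i + 1).ToString() -Type String -Value $Items[$i]
    }
}

function Set-EdgeEnhancedSecurityPolicy {
    param(
        [ValidateSet(0, 1, 2)][int]$Mode = 2,      # 2 = Strict: JIT off and extra mitigations on every site
        [string[]]$BypassDomains = @(),            # internal sites that need JIT (e.g. heavy line-of-business apps)
        [string[]]$EnforceDomains = @()            # sites always hardened even in Balanced mode
    )
    New-Item -Path $EdgePolicy -Force | Out-Null
    Set-ItemProperty -Path $EdgePolicy -Name 'EnhanceSecurityMode' -Type DWord -Value $Mode
    Set-ItemProperty -Path $EdgePolicy -Name 'SmartScreenEnabled'  -Type DWord -Value 1
    Set-EdgeListPolicy -Name 'EnhanceSecurityModeBypassListDomains'  -Items $BypassDomains
    Set-EdgeListPolicy -Name 'EnhanceSecurityModeEnforceListDomains' -Items $EnforceDomains
}

function Get-EdgeEnhancedSecurityPolicy {
    $p = Get-ItemProperty -Path $EdgePolicy -ErrorAction SilentlyContinue
    $readList = {
        param($Name)
        $key = Join-Path $EdgePolicy $Name
        if (Test-Path $key) {
            (Get-ItemProperty -Path $key).PSObject.Properties |
                Where-Object { $_.Name -match '^\d+$' } | ForEach-Object { $_.Value }
        } else { @() }
    }
    [pscustomobject]@{
        Mode        = @('Off', 'Balanced', 'Strict')[[int]$p.EnhanceSecurityMode]
        SmartScreen = [bool]$p.SmartScreenEnabled
        Bypass      = & $readList 'EnhanceSecurityModeBypassListDomains'
        Enforce     = & $readList 'EnhanceSecurityModeEnforceListDomains'
    }
}

# Usage (hypothetical domains): Strict everywhere, with one internal app exempted because it
# depends on JIT performance. The exemption is the weak spot of this posture: a bypassed site
# gets the ordinary, non-hardened renderer, so the list should be short and reviewed.
Set-EdgeEnhancedSecurityPolicy -Mode 2 -BypassDomains 'erp.contoso.com' -EnforceDomains '*'
Get-EdgeEnhancedSecurityPolicy
```

The trade-off this makes visible is the one that replaces Application Guard's: the container drew the boundary outside the browser process, so a renderer compromise stayed inside a throwaway VM; Enhanced Security Mode instead raises the cost of the renderer compromise itself, and every domain placed on the bypass list opts out of that protection.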