What Is Microsoft Defender Application Guard and How to Enable It
Microsoft is constantly working to improve the security of its vast ecosystem. One of the main products is Microsoft Defender, which is part of the Windows Security suite. Microsoft recently released a new product called Microsoft Defender Application Guard for Office. It’s a long name, to be honest, but what is it?
Microsoft Defender Application Guard was released last year. As useful as this feature is, it has received little attention from the press and users. This year, Microsoft has taken a step forward to include an Office application suite in the product, which is clear from the name.
We’re going to call it Application Guard, just like Microsoft does in their docs, for the sake of common sense. Let’s learn more about this feature and how to activate it.
Let’s start.
What is Application Guard
Microsoft released Application Guard to protect users from “emerging threats” by isolating the hardware used. It reminds me of the sandbox tool.
It was developed for Microsoft Edge browser and Windows 10 computers. Clicking on the wrong link or opening malware or other virus infected site could wreak havoc not only on the system accessing it, but on all systems. other systems connected to the server.
The administrator now accesses the whitelist of sites and other resources deemed safe, making all other sites untrusted.
Here is how it works.
Let’s say you open a site that is not in the list. Edge will open this site in a Hyper-V container that is isolated from the host operating system. No malware or virus leaves the container. This protects the data and its integrity.
What is Application Guard for Office 365
Websites and cloud resources aren’t the only things employees access when surfing the wild web. There are also Office documents and other files that you work with on a daily basis. And them? Application Guard for Office was released with this thought in mind. Think of it as an add-on.
Application Guard for Office protects your computer and the connected corporate server from untrusted and infected files. Microsoft strangely calls them “new and emerging threats”. The basic concept remains the same when files are opened in a secure and isolated container using hardware virtualization.
Once the file is opened in the container, you can read, edit, print, and interact with it like a normal file.
Preconditions
There are certain system requirements for this to work. They are:
- Intel Core i5 or equivalent
- 64-bit architecture minimum 4 cores with virtualization extensions (Intel VT-x OR AMD-V)
- 8 GB RAM
- 10 GB of space on SSD preferably
- Windows 10 Enterprise Edition, version 2004
How to activate Application Guard for Office
Hope you have checked the hardware and software requirements. You will now need to download KB4571756 and install it before viewing the correct options on your computer.
The process to enable or disable this feature is the same as for sandbox or virtualization.
Step 1: Find and open Control Panel from the Start menu.
2nd step: Find and open Turn Windows features on or off.
Step 3: In the pop-up window that follows, find and turn on the Microsoft Defender Application Guard option.
Remember to save all changes before exiting.
For those who cannot find this option in Control Panel or like to work with the command line, you can also enable it from within PowerShell. Make sure to open PowerShell with administrator rights, then give this command:
Enable-WindowsOptionalFeature -online -FeatureName Windows-Defender-ApplicationGuard
Step 4: Find and open the Group Policy Editor from the Start menu.
Step 5: Go to the folder structure suggested below.
Computer ConfigurationAdministrative TemplatesWindows ComponentsMicrosoft Defender Application Guard
Double-click on the “Enable Microsoft Defender Application Guard in managed mode” option to open it.
Step 6: You will now select On and set the Options value to 2 as shown in the screenshot below.
Click Apply and save all changes.
Step 7: Finally, open Settings> Privacy> Diagnostics and feedback. Select Optional diagnostic data if it is not already selected.
How do you know it is working or not. Easy. Open any Word document, not in your whitelist (untrusted), and you should notice this message:
To ensure your security, we are opening this document in Application Guard.
Additionally, the Word icon in the taskbar should have a shield icon.
Duty of care
I am impressed with the way Microsoft has taken its security in recent years. I regularly use Sandbox mode to test apps, open sites, and try new hacks in a safe environment. Microsoft Defender Application Guard adds more options for business users who have a lot more to lose if their servers or systems are compromised. It is another tool in your arsenal to fight hackers. While there will never be a permanent solution, the best we can do is stay vigilant and keep them at bay.
Then:
Want to protect yourself even more? Here is a guide with 6 crucial tips to protect your data from viruses and malware.
Last updated Sep 23, 2020
The above article may contain affiliate links that help support Guiding Tech. However, this does not affect our editorial integrity. The content remains impartial and authentic.