How to Enable Windows Defender Application Guard in Windows 10

Windows Defender Application Guard is an extra security feature of Windows 10. When enabled, it implements a sandbox for the built-in web browsers in Windows 10, Edge and Internet Explorer. Here is how to enable it.


Windows Defender Application Guard provides protection against targeted threats by utilizing the Hyper-V virtualization technology. It adds a special virtual layer between the browser and the OS, preventing web apps and the browser from accessing the actual data stored on the disk drive and in memory.

Prior to Windows 10 build 17063, the feature was exclusively available to Enterprise editions of Windows 10. Now, the feature is available to Windows 10 Pro users.

If you are running Windows 10 Pro build 17063 and above, you can try it in action. Let's see how to activate it.

To enable Windows Defender Application Guard in Windows 10, do the following.

  1. Press the Win + R keys to open Run and type optionalfeatures.exe into the Run box.
  2. Find Windows Defender Application Guard in the list and check the box next to it.Windows 10 Enable Defender Guard
  3. Wait for the installation to finish and restart Windows 10.

As of this writing, the system requirements for Windows Defender App Guard look as follows:

  • Windows 10 Professional, Build: 17053 (or later)
  • en-us only for the current builds; full localized support will arrive soon
  • PC must support virtualization; Hyper-V (some older PCs may not support Hyper-V or have this feature disabled in BIOS)
  • Windows Defender Application Guard is Off by default, it must be enabled manually or by policy

Some of these requirements will be eliminated with the final version of Windows 10 Redstone 4.

How to Use Windows Defender Application Guard

  1. Open Edge and click on the menu in the top right corner.
  2. Click on "New Application Guard window" in the menu.Edge Open Application Guard Window
  3. You will see the following splash screen after which a new instance of Edge will open with Windows Defender Application Guard enabled.Edge With Guard Enabled

Source: Microsoft

6 thoughts on “How to Enable Windows Defender Application Guard in Windows 10

  1. Brennan Torres

    Will this feature also be available to Windows 10 Education users?

    Reply
    1. Sergey Tkachenko Post author

      I have no education edition here, but it should be available.

      Reply
  2. John

    My Win 10 Feature List is different to the one you show.

    The Windows Defender Application Guard is not listed.

    Plus unlike yours mine has Windows Process Activation Service with a black square where yours is blank.

    Any advice please.
    Thanks

    Reply
    1. Sergey Tkachenko Post author

      Ensure that you have virtualization support by your hardware.
      Also, this feature is new to Windows 10 Build 17063.

      Reply
  3. David H Johnson

    I had a problem with my 17063 install. I could not check the box for Windows Defender application guard. I was able to finally install Windows Defender Application Guard by opening Windows Powershell as administrator, and running the following command.

    DISM /Online /Enable-Feature /FeatureName:Windows-Defender-ApplicationGuard /All

    I was prompted to restart my computer, and all is well. I opened Turn Windows Features on and off, and the appropriate box is checked.

    Reply
    1. Sergey Tkachenko Post author

      I will add this to the article. Thanks for the tip, David!

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.