Application Guard lets Microsoft Edge work in virtual machines

by Radu Tyrsina
Radu Tyrsina
Radu Tyrsina
CEO & Founder
Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time). For most of the kids of... read more
Affiliate Disclosure

With Microsoft gearing up for its upcoming Windows 10 release in 2017, a new security feature called Application Guard is in the works.
The core concept of this feature is to make browsing more secure, less prone to attacks and allow Microsoft Edge to run on a lightweight virtual machine.

With it, malware and bots would have to not only find a prominent exploit to break through the tough security present in Windows 10’s Edge browser but also find a way to penetrate the browser’s sandboxing and the advanced protection courtesy of Application Guard.

However, Application Guard is not without its own drawbacks:

  • The security feature will be available only on the Enterprise Version of Windows 10.
  • Microsoft will benefit from the feature first as there won’t be a publicly available API or access to the product, at least not in the beginning.

Microsoft is fully aware this feature would be welcomed enthusiastically by private users and startup corps. Small businesses, personal computer users and software houses would also welcome the overall improved security from Application Guard. But the problem lies in the inconvenience of implementing this feature into Home and Pro version of Windows 10.

Microsoft hasn’t worked out a way to achieve the sustainability of virtual environments which exist only across sessions. So, tedious stuff like cookies and caches would be wiped each time. In a home environment, users can expect their passwords and work to be saved when they log in again but that’s not the case in a corporate environment.

This latest security feature adds resilience to other popular browsers which include Mozilla Firefox and Google Chrome as well as prominent applications like Microsoft Office.

There are also some technical requirements of Windows 10’s Virtualization Based Security (VBS) to keep in mind along with the requirement of a functional CPU with the appropriate hardware specifications and I/O virtualizations to support Hyper-V hypervisor.

Let’s not forget to include the performance costs associated with virtualization. Still, it’s highly unlikely the costs exceeds a reasonable amount since this lightweight virtualization.

The infamous distaste Microsoft has for unlicensed releases has led it to list some ground policies for Windows 10 Enterprise. It will allow admins to mark trusted and untrusted sites and allow only basic operations for untrusted ones, such as copying to the clipboard or printing.

You may not be completely unaware of lightweight virtualization options as similar solutions are available with Oracle’s VM Virtualbox or VMWare Workstation.


This article covers:Topics: