Windows Defender Application Guard is an application safeguard designed to help prevent old and newly emerging attacks. It uses
First, make sure you have a Windows 10 Pro system that runs on build 1803 or above. Or you are on Windows Insider Program.
Then, Turn on Windows Defender Application Guard
Open Control Panel, go to Programs, and click Turn Windows feature on or off. And then check the box next to Windows Defender Application Guard and hit OK.
You can also do the same by running the following PowerShell commmand.
Enable-WindowsOptionalFeature -online -FeatureName Windows-Defender-ApplicationGuard
Now, open Microsoft Store and install Windows Defender Application Guard Companion app.
Finally, restart your computer before starting to use it.
How it works
When you see this, that means everything is in place and ready to use.
When users navigate to a site, the extension checks the URL against a list of trusted sites defined by enterprise administrators. The extension will take the user to an isolated Microsoft Edge session, in which the user can freely navigate to any site that has not been explicitly defined as trusted by their organization without any risk to the rest of the system.
You can also launch an isolated Edge session by clicking the extension icon and choose New Application Guard Window.
By looking at the top left corner you can easily tell if an Edge session is an isolated or guarded session. An isolated Edge session will have a Defend Guard symbol on it, like below.
Check here to define the network isolation settings to ensure a set of trusted sites is in place.