Microsoft is testing an in-browser ‘sandbox’ security extension for Chrome and Firefox that lets users access untrusted pages, safely.
Windows Defender Application Guard
The new browser extension, Windows Defender Application Guard, is already part of Microsoft’s Edge browser and will be rolled out as part of the next Windows 10 update ‘April 2019’ or 19H1 in the Spring. It is currently being tested among Windows Insiders and will be available to Windows 10 Pro or Enterprise users when it goes live.
How Do You Use It?
When installed, users see a Windows Defender Application Guard landing page when they open their Chrome or Firefox browser. When the Firefox or Chrome user tries to access an untrusted web page / non-whitelisted URL, the new extension will work by loading a special isolated Edge tab (Windows Defender Application Guard page), not a tab in Firefox or Chrome. The sandbox page can also be initiated by the user at any time by toggling a switch in the menu settings.
Once the extension has been established by an enterprise network administrator it can be applied on devices across an entire company and configured by network isolation or application. The enterprise administrator defines which web sites, cloud resources, and internal networks can be trusted, and everything that is not on this list is, therefore, considered untrusted. In this way, it can isolate enterprise-defined untrusted sites eliminating any risk of opening potentially malicious apps on a work machine and protecting the company while employees browse the Internet. With Windows Defender Application Guard there is less need to operate a fully-fledged virtual machine.
The new extension is part of a broader move by Microsoft to provide more convenient and secure features for its Enterprise and Pro users.
Types of Devices
The Windows Defender Application Guard was designed by Microsoft to work on enterprise desktops domain-joined and managed by the organisation, enterprise mobile laptops and BYOD mobile laptops, as well as personal devices that are not domain-joined or managed by an organisation.
What Does This Mean For Your Business?
This new extension of an existing Microsoft Edge security feature to Chrome and Firefox browser users gives enterprise admins greater and wider control to protect the organisation from threats to its network and systems that may be invited by employees who happen to browse untrusted websites. The extension is also a value-adding addition to a growing suite of features that are designed to help keep and attract valued enterprise customers.