A look at Windows Defender Application Guard extension for Firefox and Chrome - gHacks Tech News

A look at Windows Defender Application Guard extension for Firefox and Chrome

Microsoft released the extension Windows Defender Application Guard for Google Chrome and Mozilla Firefox recently.

Windows Defender Application Guard is a security feature designed to load untrusted sites and services in a lightweight virtual machine. It requires Windows 10 Professional or Enterprise at the time of writing, and works in standalone and Enterprise-managed modes. It requires at least Windows 10 version 1803.

The new browser extension brings Application Guard functionality to the third-party browsers Google Chrome and Mozilla Firefox.

Windows Defender Application Guard extension

application guard extension firefox chrome

Installation is slightly more complicated than installing another browser extension. The main reason for that is that you need to make sure that Application Guard is turned on as a feature on the device, and that you have installed the Microsoft Store companion app as well.

In other words: you may need to install three different applications before you can make use of it.

The following steps are required:

  1. Enable Windows Defender Application Guard on the device if it is not turned on already. Make sure the system meets the hardware and software requirements.
  2. Install the Windows Defender Application Guard companion application from the Microsoft Store.
  3. Install the Google Chrome extension or the Mozilla Firefox add-on.
  4. Enterprise-only: Define network isolation settings to define a list of trusted sites that you may access using Chrome or Firefox.
  5. Restart the device.

Using the extension

windows defender application guard extension

The extension highlights if all requirements are met after installation. You should see three green lights indicating that the device is compatible, that the companion app is installed, and that Application Guard is turned on.

How the extension is used depends largely on the edition of Windows 10.

Note: You may want to turn off diagnostic data collecting that is enabled by default. Just click on the extension icon and toggle "Allow Microsoft to collect diagnostic data" to do so.

Standalone mode

Windows 10 Pro users and Enterprise users who choose standalone mode get very little out of the extension as it does not work automatically in that mode.

All you can do, really, is to click on the extension icon and there on the "New application guard window" button to start a new Application Guard instance of Microsoft Edge.

More comfortable than having to launch Application Guard instances from Microsoft Edge manually, but not by much and probably not worth the hassle of installing the extension and Microsoft Store application.

Enterprise-managed mode

Enterprise administrators have additional configuration options that automate the experience. All that is required for that is to set up network isolation settings; these define trusted sites, e.g. an IP address range, that users may access using the third-party browsers the extension is installed in.

Any site not on the trust list is automatically redirected to the Microsoft Edge Application Guard instance.

When users navigate to a site, the extension checks the URL against a list of trusted sites defined by enterprise administrators. If the site is determined to be untrusted, the user is redirected to an isolated Microsoft Edge session. In the isolated Microsoft Edge session, the user can freely navigate to any site that has not been explicitly defined as trusted by their organization without any risk to the rest of system.

Microsoft plans to extend the functionality by loading trusted sites opened in the Application Guard instance in the third-party browser.

With our upcoming dynamic switching capability, if the user tries to go to a trusted site while in an isolated Microsoft Edge session, the user is taken back to the default browser.

Closing Words

The Windows Defender Application Guard extension is a useful browser extension for Enterprise environments in which supported third-party browsers are permitted.  It seems less likely that it will see a lot of traction on Pro devices though due to the limitations.

Now You: Do you use Application Guard or other browsing virtualization services?

Summary
A look at Windows Defender Application Guard extension for Firefox and Chrome
Article Name
A look at Windows Defender Application Guard extension for Firefox and Chrome
Description
Microsoft released the extension Windows Defender Application Guard for Google Chrome and Mozilla Firefox recently. 
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. John IL said on March 17, 2019 at 11:36 am
    Reply

    I tried this when it came out for Edge exclusively and even with Edge was a bit sluggish and especially with scrolling. I just felt SmartScreen did a lot of pre scanning anyway so this was just overkill. Adding a extension to Chrome or Firefox but then opening a Edge Window to isolate a site seems so overly complicated and confusing. Sort of feel this is a afterthought that doesn’t really work.

  2. no said on March 17, 2019 at 12:18 pm
    Reply

    I’m sure this won’t report all ur’s you viist to Microsoft.

    1. Bobby Phoenix said on March 17, 2019 at 9:56 pm
      Reply

      It does by default. You’re opted in from the start, but you can go to settings, and turn it off.

  3. Robert said on March 17, 2019 at 2:38 pm
    Reply

    So Microsoft found a way to get me to login to the Microsoft account using a foreign browser. No thanks.

    1. huipisda said on March 26, 2019 at 7:12 pm
      Reply

      Why would you do so? This is not required for installing apps from Microsoft Store.

      PS
      You should consider stopping using Windows. It is made by evil Microsoft.

  4. Pierre said on March 17, 2019 at 5:32 pm
    Reply

    Caution, last time I tried, it destroyed Opera profile

  5. ilev said on March 17, 2019 at 6:05 pm
    Reply

    Chrome has this build in for any version of Windows.

  6. K@ said on March 17, 2019 at 10:57 pm
    Reply

    I have to downgrade to W10, to improve my security…

    Now, THAT is funny.

    It ain’t gonna happen.

    1. Weilan said on March 18, 2019 at 9:01 am
      Reply

      I know, right? Windows 7 is more secure and more function and you don’t even need to use any antivirus protection other than the one called “Common Sense”.

  7. 420 said on March 18, 2019 at 7:34 am
    Reply

    Adding the requirement of the store is a steel toe in the starfish hole, I fucking hate the new Microsoft.

  8. LTL said on March 18, 2019 at 10:27 am
    Reply

    WDAG runs cmimageworker.exe which uses >80% of my CPU in Windows 10 Pro 1809, so I disabled WDAG again.
    It is falsely seen as a cryptominer/virus, but it does cause trouble on 1809 and 19H1.

    https://techdows.com/2018/12/cmiimageworker-exe-on-windows-10-19h1-build-using-high-cpu-is-a-bug-not-a-virus-says-microsoft.html

  9. Anonymous said on April 4, 2019 at 8:10 pm
    Reply

    The MS store links opens a 3rd party website.

    1. Martin Brinkmann said on April 4, 2019 at 8:17 pm
      Reply

      Thank you, corrected the link!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.

Be polite: we do not allow comments that threaten or harass, or are personal attacks. Please leave politics and religion out of discussions!