Home

Olympia users wanting to try WDAG (Windows Defender Application Guard)

%3CLINGO-SUB%20id%3D%22lingo-sub-126847%22%20slang%3D%22en-US%22%3EOlympia%20users%20wanting%20to%20try%20WDAG%20(Windows%20Defender%20Application%20Guard)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-126847%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20WDAG%20policy%20is%20enabled%20for%20all%20Olympia%20users%2C%20but%20there%20are%20still%20manual%20steps%20needed%20to%20activate%20it%20on%20your%20client%20device.%20There%20is%20work%20going%20on%20now%20that%20will%20allow%20the%20full%20activation%20via%20Intune%20console%20that%20will%20be%20ready%20in%20January.%26nbsp%3B%20Until%20then%2C%20please%20activate%20it%20using%20these%20steps%2C%20then%20try%20it%20out%20and%20provide%20feedback%20using%20Feedback%20Hub.%26nbsp%3B%20Thank%20you%20-%20the%20Olympia%20Crew.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B1)%26nbsp%3B%20Ensure%20that%20hypervisor%20capabilities%20are%20enabled%20in%20the%20BIOS%20on%20the%20device%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B2)%26nbsp%3B%20Open%20up%20Control%20Panel%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B-%20Click%20on%20%22Programs%22%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B-%20Click%20on%20%22Programs%20and%20Features%22%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B-%20Click%20on%20%22Turn%20Windows%20features%20on%20or%20off%22%20in%20the%20sidebar%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B-%20Check%20the%20box%20next%20to%20%22Windows%20Defender%20Application%20Guard%22%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B-%20Click%20%22OK%22%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B3)%26nbsp%3B%20Reboot%20the%20device%20when%20prompted%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B4)%26nbsp%3B%20After%20logging%20in%20after%20the%20reboot%2C%20based%20on%20the%20Olympia%20WDAG%20policy%2C%20some%20sites%20will%20automatically%20open%20Edge%20in%20an%20isolated%20Edge%20window%20(with%20orange%20chrome%20at%20the%20top)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENote%20-%20You%20can%20also%20manually%20turn%20on%20WDAG%20for%20any%20given%20Edge%20session%20by%20following%20above%20instructions%2C%20and%20after%20the%20reboot%20(step%203)%2C%20do%20the%20following%3A%3C%2FP%3EOpen%20Edge%2C%20click%20on%20the%20three%20dots%20in%20the%20top%20right%2C%20and%20click%20on%20the%20%22New%20Application%20Guard%20window%22%20option.%20A%20dialog%20stating%20%22Windows%20Defender%20Application%20Guard%20is%20starting%22%20will%20now%20come%20up%20Soon%20after%2C%20a%20new%20isolated%20Edge%20window%20with%20orange%20chrome%20at%20the%20top%20should%20open%20You%20should%20now%20be%20able%20to%20navigate%20to%20websites%20inside%20the%20isolated%20Edge%20window%20like%20you%20can%20in%20normal%20Edge%20For%20more%20information%20on%20using%20WDAG%20in%20standalone%20mode%20-%20see%20this%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FWindows-Insider-Program%2FWindows-Defender-Application-Guard-Standalone-mode%2Fm-p%2F66903%23M40%22%20target%3D%22_blank%22%3Epost%3C%2FA%3E%3CP%3EThe%20following%20device%20specifications%20are%20required%20to%20install%20the%20WDAG%20feature%3A%3C%2FP%3EAt%20least%208%20GB%20of%20RAM%20At%20least%205%20GB%20of%20free%20disk%20space%20At%20least%204%20CPU%20cores%3C%2FLINGO-BODY%3E
Mark Hansen
Microsoft

The WDAG policy is enabled for all Olympia users, but there are still manual steps needed to activate it on your client device. There is work going on now that will allow the full activation via Intune console that will be ready in January.  Until then, please activate it using these steps, then try it out and provide feedback using Feedback Hub.  Thank you - the Olympia Crew. 

 

     1)  Ensure that hypervisor capabilities are enabled in the BIOS on the device

     2)  Open up Control Panel

             - Click on "Programs"

             - Click on "Programs and Features"

             - Click on "Turn Windows features on or off" in the sidebar

             - Check the box next to "Windows Defender Application Guard"

             - Click "OK"

     3)  Reboot the device when prompted

     4)  After logging in after the reboot, based on the Olympia WDAG policy, some sites will automatically open Edge in an isolated Edge window (with orange chrome at the top)

 

Note - You can also manually turn on WDAG for any given Edge session by following above instructions, and after the reboot (step 3), do the following:

  • Open Edge, click on the three dots in the top right, and click on the "New Application Guard window" option.
  • A dialog stating "Windows Defender Application Guard is starting" will now come up
  • Soon after, a new isolated Edge window with orange chrome at the top should open
  • You should now be able to navigate to websites inside the isolated Edge window like you can in normal Edge
  • For more information on using WDAG in standalone mode - see this post

The following device specifications are required to install the WDAG feature:

  • At least 8 GB of RAM
  • At least 5 GB of free disk space
  • At least 4 CPU cores
Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies