Start Edge with Application Guard automatically?

%3CLINGO-SUB%20id%3D%22lingo-sub-1208420%22%20slang%3D%22en-US%22%3EStart%20Edge%20with%20Application%20Guard%20automatically%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1208420%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20trying%20to%20implement%20Windows%20Defender%20Application%20Guard%20(WDAG)%20with%20the%20new%20chromium%20Microsoft%20Edge.%20I%20have%20configured%20a%20lot%20of%20the%20GPO's%20related%20to%20WDAG%2C%20and%20applied%20them%20on%20a%20PC.%20The%20PC%20gets%20the%20policies%2C%20and%20I%20can%20manually%20start%20Edge%2C%20and%20then%20choose%20the%20button%20in%20Edge%20%22Start%20with%20Application%20Guard%22.%20And%20then%20WDAG%20works%20fine.%20But%20I%20can't%20seem%20to%20get%20Edge%20started%20automatically%20with%20WDAG%20on%2C%20when%20a%20user%20launches%20Edge.%20Isn't%20it%20supposed%20to%20be%20able%20to%20do%20that%2C%20so%20that%20users%20don't%20have%20to%20manually%20start%20Edge%20with%20WDAG%3F%3C%2FP%3E%3CP%3EI%20also%20cannot%20get%20other%20policies%20with%20WDAG%20to%20work%2C%20like%20downloading%20files%20to%20the%20OS%20outside%20of%20WDAG.%20But%20when%20i%20run%20a%20GPO%20result%20on%20the%20PC%2C%20it%20says%20it%20receives%20the%20below%20policies.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22blomsterharry_0-1583313369009.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F175001i91842D41A54D6502%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20title%3D%22blomsterharry_0-1583313369009.png%22%20alt%3D%22blomsterharry_0-1583313369009.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EHas%20anybody%20got%20the%20policies%20above%20to%20work%2C%20and%20start%20Edge%20with%20WDAG%20automatically%3F%3C%2FP%3E%3CP%3ENote%3A%20We%20are%20using%20McAfee%20as%20our%20antivirus%20system%2C%20so%20Windows%20Defender%20is%20not%20active.%20But%20do%20we%20maybe%20have%20to%20use%20Windows%20Defender%20as%20our%20antivirus%20instead%2C%20to%20get%20this%20functionality%20to%20work%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1209869%22%20slang%3D%22en-US%22%3ERe%3A%20Start%20Edge%20with%20Application%20Guard%20automatically%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1209869%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F342988%22%20target%3D%22_blank%22%3E%40blomsterharry%3C%2FA%3E%26nbsp%3B...%20Will%20it%20be%20possible%20to%20restart%20the%20machine%20once%20%26amp%3B%20tell%20us%20what%20you%20observe%20when%20you%20go%20to%20a%20site%20which%20is%20NOT%20in%20your%20Network%20Isolation%20policies%3F%20Application%20Guard%20should%20have%20no%20co-relation%20to%20the%20state%20of%20your%20anti-virus%20system.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1210688%22%20slang%3D%22en-US%22%3ERe%3A%20Start%20Edge%20with%20Application%20Guard%20automatically%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1210688%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F402188%22%20target%3D%22_blank%22%3E%40Naren-%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENothing%20changes.%20It%20never%20enters%20Application%20Guard%20mode.%20It's%20like%20the%20policies%20don't%20get%20applied%2C%20but%20the%20PC%20says%20it%20gets%20applied.%3C%2FP%3E%3CP%3EDo%20I%20have%20to%20have%20a%20proxy%20server%20in%20my%20environment%20to%20get%20it%20to%20work%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

We are trying to implement Windows Defender Application Guard (WDAG) with the new chromium Microsoft Edge. I have configured a lot of the GPO's related to WDAG, and applied them on a PC. The PC gets the policies, and I can manually start Edge, and then choose the button in Edge "Start with Application Guard". And then WDAG works fine. But I can't seem to get Edge started automatically with WDAG on, when a user launches Edge. Isn't it supposed to be able to do that, so that users don't have to manually start Edge with WDAG?

I also cannot get other policies with WDAG to work, like downloading files to the OS outside of WDAG. But when i run a GPO result on the PC, it says it receives the below policies.

blomsterharry_0-1583313369009.png

Has anybody got the policies above to work, and start Edge with WDAG automatically?

Note: We are using McAfee as our antivirus system, so Windows Defender is not active. But do we maybe have to use Windows Defender as our antivirus instead, to get this functionality to work?

2 Replies
Highlighted

@blomsterharry ... Will it be possible to restart the machine once & tell us what you observe when you go to a site which is NOT in your Network Isolation policies? Application Guard should have no co-relation to the state of your anti-virus system.

Highlighted

@Naren- 

 

Nothing changes. It never enters Application Guard mode. It's like the policies don't get applied, but the PC says it gets applied.

Do I have to have a proxy server in my environment to get it to work?