Internet Traffic blocked in Edge Sandbox Mode (Windows Defender Application Guard)
I have successfully activated Windows Defender Application Guard but it seems surfing in Edge Sandbox Mode has been impossible. All required gpos and addition requirements as described on here: https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/microsoft-defender-application-guard/configure-md-app-guard https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/microsoft-defender-application-guard/faq-md-app-guard have been configured accordingly. I had a tip from microsoft support that my firewall could be blocking traffic (NAT)coming from the Host Computer so should allow all IP subnets in the range of 172.x.x.x or 192.x.x.x. I have tested that by allowing this traffic in the Trellix including Remote Ports 49700–65535, as described in Trellix documentation here https://kcm.trellix.com/corporate/index?page=content&id=KB88788 but to no avail. Could there be any other underlying root causes in a typical Enterprise environment where systems have been hardened using Security policies defined by CIS. What rules can be exempted here in order to allow this kind of traffic. Anybody has experience with this kind of environment or issue. Some tips will be welcomed.
Windows Defender Application Guard with AMD CPU (Pro, 1909 Build) problem
Hello guys, i can't install/ enable the Windows Defender Application Guard in "Apps & Features". The feature is greyout: I don't think it matters that i configure the "Windows 10 Version 1903 and Windows Server Version 1903 Security Baseline (Sept2019Update)" but just in case. Also my CPU is a AMD Ryzen 5 2600 with ASRock B450 Pro4 with latest BIOS (3.50) and i enable all features which are required. Same also for IOMMU support but (maybe related?) msinfo32 hide Hyper-V information if i enable AMD-V: My PC also have the requirements from https://docs.microsoft.com/de-de/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard (16GB RAM, SSD, even IOMMU enabled) I also enable the feature over Powershell and reboot but Edge doesn't show me a "open isolated tab" so i guess it doesn't work. Please help Edit: i also try a InPlace Upgrade (from 1809 to 1909 build) which doesn't help
