Microsoft is extending the protection capabilities of Windows Defender Application Guard with the release of browser extensions for Chrome and Firefox.
The new extensions were designed to automatically redirect untrusted navigations to Windows Defender Application Guard for Microsoft Edge. The extensions check site URLs against a list of trusted domains (defined by enterprise admins) and redirect to an isolated Microsoft Edge session if the site is untrusted.
The isolated session allows users to navigate to any untrusted site without risking the security of the system, Microsoft says. If the user navigates to a trusted site while in the isolated session, they are taken back to the default browser.
The Windows Defender Application Guard extension leverages a native application designed to support the communication between the browser and the device’s Application Guard settings, Microsoft says.
Admins looking to configure the extension should first make sure that the user device meets requirements. In the Windows Defender Application Guard, they need to define a list of trusted sites, and should install the new Windows Defender Application Guard companion application from the Microsoft Store, as well as the Chrome or Firefox extension, and then restart the device.
Microsoft says it decided to design the user interface so as to be “transparent to users about Windows Defender Application Guard being installed on their devices and what it does.”
“We want to ensure that users are fully aware that their untrusted navigations will be isolated and why,” the software giant says.
A Windows Defender Application Guard landing page will be displayed when Chrome or Firefox are launched with a properly deployed and configured extension, and instructions will be provided on how to address configuration errors.
Microsoft also explains that users are provided with the option to initiate an Application Guard session without entering a URL or clicking on a link by simply clicking the extension icon on the menu bar of the browser.
The extension is currently rolling out to Windows Insiders, but Microsoft plans on making it generally available soon. The extension is designed for users on Win 10 Enterprise and Pro SKUs on 1803 or later.
Related: Microsoft Unveils New Azure, Windows Defender ATP Tools
Related: Microsoft Brings Application Guard to Windows 10 Pro