From aa00a50d7d34d874ddb67629b83e08fa697e6d31 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Thu, 25 May 2023 13:21:47 -0400
Subject: [PATCH] Update metadata
---
.../windows-sandbox-architecture.md | 13 +--
...indows-sandbox-configure-using-wsb-file.md | 7 +-
.../windows-sandbox-overview.md | 9 +-
windows/security/docfx.json | 84 ++++++++++---------
4 files changed, 53 insertions(+), 60 deletions(-)
diff --git a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md
index 0dfbc42f89..dac2d9f311 100644
--- a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md
@@ -1,13 +1,8 @@
---
title: Windows Sandbox architecture
description: Windows Sandbox architecture
-ms.prod: windows-client
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
ms.topic: article
-ms.date: 6/30/2022
-ms.technology: itpro-security
+ms.date: 05/25/2023
---
# Windows Sandbox architecture
@@ -19,7 +14,7 @@ Windows Sandbox benefits from new container technology in Windows to achieve a c
Rather than requiring a separate copy of Windows to boot the sandbox, Dynamic Base Image technology uses the copy of Windows already installed on the host.
Most OS files are immutable and can be freely shared with Windows Sandbox. A small subset of operating system files are mutable and can't be shared, so the sandbox base image contains pristine copies of them. A complete Windows image can be constructed from a combination of the sharable immutable files on the host and the pristine copies of the mutable files. With the help of this scheme, Windows Sandbox has a full Windows installation to boot from without needing to download or store an extra copy of Windows.
-
+
Before Windows Sandbox is installed, the dynamic base image package is stored as a compressed 30-MB package. Once it's installed, the dynamic base image occupies about 500 MB of disk space.
@@ -43,7 +38,7 @@ With ordinary virtual machines, the Microsoft hypervisor controls the scheduling
Windows Sandbox employs a unique policy that allows the virtual processors of the Sandbox to be scheduled like host threads. Under this scheme, high-priority tasks on the host can preempt less important work in the Sandbox. This preemption means that the most important work will be prioritized, whether it's on the host or in the container.
-
+
## WDDM GPU virtualization
Hardware accelerated rendering is key to a smooth and responsive user experience, especially for graphics-intensive use cases. Microsoft works with its graphics ecosystem partners to integrate modern graphics virtualization capabilities directly into DirectX and Windows Display Driver Model (WDDM), the driver model used by Windows.
@@ -53,7 +48,7 @@ This feature allows programs running inside the sandbox to compete for GPU resou
To take advantage of these benefits, a system with a compatible GPU and graphics drivers (WDDM 2.5 or newer) is required. Incompatible systems will render apps in Windows Sandbox with Microsoft's CPU-based rendering technology, Windows Advanced Rasterization Platform (WARP).
-
+
## Battery pass-through
Windows Sandbox is also aware of the host's battery state, which allows it to optimize its power consumption. This functionality is critical for technology that is used on laptops, where battery life is often critical.
diff --git a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
index e9dc1bb0cc..a0d3dc4bea 100644
--- a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
@@ -1,16 +1,11 @@
---
title: Windows Sandbox configuration
description: Windows Sandbox configuration
-ms.prod: windows-client
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
ms.collection:
- highpri
- tier2
ms.topic: article
-ms.date: 6/30/2022
-ms.technology: itpro-security
+ms.date: 05/25/2023
---
# Windows Sandbox configuration
diff --git a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md
index 000dbffecc..02bb837f09 100644
--- a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md
@@ -1,23 +1,18 @@
---
title: Windows Sandbox
description: Windows Sandbox overview
-ms.prod: windows-client
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
ms.collection:
- highpri
- tier2
ms.topic: article
-ms.date: 6/30/2022
-ms.technology: itpro-security
+ms.date: 05/25/2023
---
# Windows Sandbox
Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.
-A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment—useful for installing applications that require the OS to reboot.
+A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of Windows 11, version 22H2, your data will persist through a restart initiated from inside the virtualized environment—useful for installing applications that require the OS to reboot.
Software and applications installed on the host aren't directly available in the sandbox. If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment.
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index d8d58c9943..e387747efd 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -54,10 +54,10 @@
}
},
"contributors_to_exclude": [
- "rjagiewich",
- "traya1",
- "rmca14",
- "claydetels19",
+ "rjagiewich",
+ "traya1",
+ "rmca14",
+ "claydetels19",
"jborsecnik",
"tiburd",
"AngelaMotherofDragons",
@@ -66,68 +66,76 @@
"garycentric",
"beccarobins"
],
- "searchScope": ["Windows 10"]
+ "searchScope": [
+ "Windows 10"
+ ]
},
"fileMetadata": {
- "author":{
+ "author": {
+ "application-security/application-isolation/windows-sandbox/**/*.md": "vinaypamnani-msft",
"identity-protection/**/*.md": "paolomatarazzo",
"operating-system-security/network-security/**/*.md": "paolomatarazzo",
"operating-system-security/network-security/windows-firewall/**/*.md": "ngangulyms"
},
- "ms.author":{
+ "ms.author": {
+ "application-security/application-isolation/windows-sandbox/**/*.md": "vinpa",
"identity-protection/**/*.md": "paoloma",
"operating-system-security/network-security/**/*.md": "paoloma",
"operating-system-security/network-security/windows-firewall/*.md": "nganguly"
},
- "appliesto":{
+ "appliesto": {
+ "application-security/application-isolation/windows-sandbox/**/*.md": [
+ "✅ Windows 11",
+ "✅ Windows 10"
+ ],
"identity-protection/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10"
+ "✅ Windows 11",
+ "✅ Windows 10"
],
"identity-protection/credential-guard/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"identity-protection/smart-cards/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"identity-protection/user-account-control/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"identity-protection/virtual-smart-cards/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"operating-system-security/network-security/windows-firewall/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
]
},
- "ms.reviewer":{
+ "ms.reviewer": {
"identity-protection/hello-for-business/*.md": "erikdau",
"identity-protection/credential-guard/*.md": "zwhittington",
"identity-protection/access-control/*.md": "sulahiri",
"operating-system-security/network-security/windows-firewall/*.md": "paoloma",
"operating-system-security/network-security/vpn/*.md": "pesmith"
},
- "ms.collection":{
+ "ms.collection": {
"identity-protection/hello-for-business/*.md": "tier1",
"information-protection/bitlocker/*.md": "tier1",
"information-protection/personal-data-encryption/*.md": "tier1",
@@ -142,4 +150,4 @@
"dest": "security",
"markdownEngineName": "markdig"
}
-}
+}
\ No newline at end of file