deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #3730 from MicrosoftDocs/master

Browse Source 
Publish 9/8/2020 10:30 AM PT
This commit is contained in:
Tina Burden 2020-09-08 10:39:00 -07:00 committed by GitHub
commit d83bfabc54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 165 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/TOC.md
View File

@ -71,7 +71,8 @@
##### [Application isolation]()
###### [Application guard overview](microsoft-defender-application-guard/md-app-guard-overview.md)
###### [System requirements](microsoft-defender-application-guard/reqs-md-app-guard.md)
###### [Install Windows Defender Application Guard](microsoft-defender-application-guard/install-md-app-guard.md)
###### [Install Microsoft Defender Application Guard](microsoft-defender-application-guard/install-md-app-guard.md)
###### [Install Microsoft Defender Application Guard Extension](microsoft-defender-application-guard/md-app-guard-browser-extension.md)
##### [Application control](windows-defender-application-control/windows-defender-application-control.md)
###### [Audit Application control policies](windows-defender-application-control/audit-windows-defender-application-control-policies.md)

4
windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
View File

@ -13,7 +13,7 @@ ms.author: deniseb
ms.custom: nextgen
ms.reviewer:
manager: dansimp
ms.date: 09/04/2020
ms.date: 09/07/2020
---
# Manage Microsoft Defender Antivirus updates and apply baselines
@ -63,7 +63,7 @@ All our updates contain:
 Security intelligence update version: **1.323.9.0**
 Released: **August 27, 2020**
 Platform: **4.18.2008.3**
 Platform: **4.18.2008.9**
 Engine: **1.1.17400.5**
 Support phase: **Security and Critical Updates**

1
windows/security/threat-protection/microsoft-defender-application-guard/TOC.md
View File

@ -4,4 +4,5 @@
## [Install WDAG](install-md-app-guard.md)
## [Configure WDAG policies](configure-md-app-guard.md)
## [Test scenarios](test-scenarios-md-app-guard.md)
## [Microsoft Defender Application Guard Extension](md-app-guard-browser-extension.md)
## [FAQ](faq-md-app-guard.md)

BIN
windows/security/threat-protection/microsoft-defender-application-guard/images/app-guard-chrome-extension-evaluation-page.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 68 KiB

BIN
windows/security/threat-protection/microsoft-defender-application-guard/images/app-guard-chrome-extension-launchIng-edge.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
windows/security/threat-protection/microsoft-defender-application-guard/images/app-guard-chrome-extension-new-app-guard-page.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 507 KiB

98
windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md Normal file
View File

@ -0,0 +1,98 @@
---
title: Microsoft Defender Application Guard Extension
description: Learn about the Microsoft Defender Application Guard browser extension, which extends Application Guard's protection to more web browsers.
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: martyav
ms.author: v-maave
ms.date: 06/12/2020
ms.reviewer:
manager: dansimp
ms.custom: asr
---
# Microsoft Defender Application Guard Extension
**Applies to:**
- Windows 10
[Microsoft Defender Application Guard Extension](https://www.microsoft.com/security/blog/2019/05/23/new-browser-extensions-for-integrating-microsofts-hardware-based-isolation/) is a web browser add-on available for [Chrome](https://chrome.google.com/webstore/detail/application-guard-extensi/mfjnknhkkiafjajicegabkbimfhplplj/) and [Firefox](https://addons.mozilla.org/en-US/firefox/addon/application-guard-extension/).
[Microsoft Defender Application Guard](md-app-guard-overview.md) provides Hyper-V isolation on Windows 10, to protect users from potentially harmful content on the web. The extension helps Application Guard protect users running other web browsers.
> [!TIP]
> Application Guard, by default, offers [native support](https://docs.microsoft.com/deployedge/microsoft-edge-security-windows-defender-application-guard) to both Microsoft Edge and Internet Explorer. These browsers do not need the extension described here for Application Guard to protect them.
Microsoft Defender Application Guard Extension defends devices in your organization from advanced attacks, by redirecting untrusted websites to an isolated version of [Microsoft Edge](https://www.microsoft.com/edge). If an untrusted website turns out to be malicious, it remains within Application Guard's secure container, keeping the device protected.
## Prerequisites
Microsoft Defender Application Guard Extension works with the following editions of Windows 10, version 1803 or later:
- Windows 10 Professional
- Windows 10 Enterprise
- Windows 10 Education
Application Guard itself is required for the extension to work. It has its own set of [requirements](reqs-md-app-guard.md). Check the Application Guard [installation guide](install-md-app-guard.md) for further steps, if you don't have it installed already.
## Installing the extension
Application Guard can be run under [managed mode](install-md-app-guard.md#enterprise-managed-mode) or [standalone mode](install-md-app-guard.md#standalone-mode). The main difference between the two modes is whether policies have been set to define the organization's boundaries.
Enterprise administrators running Application Guard under managed mode should first define Application Guard's [network isolation settings](configure-md-app-guard.md#network-isolation-settings), so a set of enterprise sites is already in place.
From there, the steps for installing the extension are similar whether Application Guard is running in managed or standalone mode.
1. On the local device, download and install the Application Guard extension for Google [Chrome](https://chrome.google.com/webstore/detail/application-guard-extensi/mfjnknhkkiafjajicegabkbimfhplplj/) and/or Mozilla [Firefox](https://addons.mozilla.org/en-US/firefox/addon/application-guard-extension/).
1. Install the [Windows Defender Application Guard companion app](https://www.microsoft.com/p/windows-defender-application-guard-companion/9n8gnlc8z9c8#activetab=pivot:overviewtab) from the Microsoft Store. This companion app enables Application Guard to work with web browsers other than Microsoft Edge or Internet Explorer.
1. Restart the device.
### Recommended browser group policies
Both Chrome and Firefox have their own browser-specific group policies. We recommend that admins use the following policy settings.
#### Chrome policies
These policies can be found along the filepath, *Software\Policies\Google\Chrome\\*, with each policy name corresponding to the file name (e.g., IncognitoModeAvailability is located at *Software\Policies\Google\Chrome\IncognitoModeAvailability*).
Policy name | Values | Recommended setting | Reason
-|-|-|-
[IncognitoModeAvailability](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=IncognitoModeAvailability) | `0` = Enabled <br /> `1` = Disabled <br /> `2` = Forced (i.e. forces pages to only open in Incognito mode) | Disabled | This policy allows users to start Chrome in Incognito mode. In this mode, all extensions are turned off by default.
[BrowserGuestModeEnabled](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=BrowserGuestModeEnabled) | `false` or `0` = Disabled <br /> `true`, `1`, or not configured = Enabled | Disabled | This policy allows users to login as *Guest*, which opens a session in Incognito mode. In this mode, all extensions are turned off by default.
[BackgroundModeEnabled](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=BackgroundModeEnabled) | `false` or `0` = Disabled <br /> `true` or `1` = Enabled <br /> <br /> **Note:** If this policy is not set, the user can enable or disable background mode through local browser settings. | Enabled | This policy keeps Chrome running in the background, ensuring that navigation is always passed to the extension.
[ExtensionSettings](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=ExtensionSettings) | This policy accepts a dictionary that configures multiple other management settings for Chrome. See the [Google Cloud documentation](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=ExtensionSettings) for complete schema. | Include an entry for `force_installed` | This policy prevents users from manually removing the extension.
#### Firefox policies
These policies can be found along the filepath, *Software\Policies\Mozilla\Firefox\\*, with each policy name corresponding to the file name (e.g., DisableSafeMode is located at *Software\Policies\Mozilla\Firefox\DisableSafeMode*).
Policy name | Values | Recommended setting | Reason
-|-|-|-
[DisableSafeMode](https://github.com/mozilla/policy-templates/blob/master/README.md#DisableSafeMode) | `false` or `0` = Safe mode is enabled <br /> `true` or `1` = Safe mode is disabled | True (i.e. the policy is enabled and Safe mode is *not* allowed to run) | Safe mode can allow users to circumvent Application Guard
[BlockAboutConfig](https://github.com/mozilla/policy-templates/blob/master/README.md#BlockAboutConfig) | `false` or `0` = User access to *about:config* is allowed <br /> `true` or `1` = User access to *about:config* is not allowed | True (i.e. the policy is enabled and access to about:config is *not* allowed) | *About:config* is a special page within Firefox that offers control over many settings that may compromise security
[Extensions - Locked](https://github.com/mozilla/policy-templates/blob/master/README.md#Extensions) | This setting accepts a list of UUIDs for extensions (these can be found by searching `extensions.webextensions.uuids` within the about:config page) | Software\Policies\Mozilla\Firefox\Extensions\Locked\1 = "`ApplicationGuardRel@microsoft.com`" | This setting allows you to lock the extension, so the user cannot disable or uninstall it.
## Troubleshooting guide
<!-- The in-line HTML in the following table is less than ideal, but MarkDown tables break if \r or \n characters are used within table cells -->
Error message | Cause | Actions
-|-|-
Application Guard undetermined state | The extension was unable to communicate with the companion app during the last information request. | 1. Install the [companion app](https://www.microsoft.com/p/windows-defender-application-guard-companion/9n8gnlc8z9c8?activetab=pivot:overviewtab) and reboot</br> 2. If the companion app is already installed, reboot and see if that resolves the error</br> 3. If you still see the error after rebooting, uninstall and re-install the companion app</br> 4. Check for updates in both the Microsoft store and the respective web store for the affected browser
ExceptionThrown | An unexpected exception was thrown. | 1. [File a bug](https://aka.ms/wdag-fb) </br> 2. Retry the operation
Failed to determine if Application Guard is enabled | The extension was able to communicate with the companion app, but the information request failed in the app. | 1. Restart the browser </br> 2. Check for updates in both the Microsoft store and the respective web store for the affected browser
Launch in WDAG failed with a companion communication error | The extension couldn't talk to the companion app, but was able to at the beginning of the session. This can be caused by the companion app being uninstalled while Chrome was running. | 1. Make sure the companion app is installed </br> 2. If the companion app is installed, reboot and see if that resolves the error </br> 3. If you still see the error after rebooting, uninstall and re-install the companion app </br> 4. Check for updates in both the Microsoft store and the respective web store for the affected browser
Main page navigation caught an unexpected error | An unexpected exception was thrown during the main page navigation. | 1. [File a bug](https://aka.ms/wdag-fb) </br> 2. Retry the operation
Process trust response failed with a companion communication error | The extension couldn't talk to the companion app, but was able to at the beginning of the session. This can be caused by the companion app being uninstalled while Chrome was running.| 1. Make sure the companion app is installed. </br> 2. If the companion app is installed, reboot and see if that resolves the error </br> 3. If you still see the error after rebooting, uninstall and re-install the companion app </br> 4. Check for updates in both the Microsoft store and the respective web store for the affected browser
Protocol out of sync | The extension and native app cannot communicate with each other. This is likely caused by one being updated without supporting the protocol of the other. | Check for updates in both the Microsoft store, and the web store for the affected browser
Security patch level does not match | Microsoft determined that there was a security issue with either the extension or the companion app, and has issued a mandatory update. | Check for updates in both the Microsoft store, and the web store for the affected browser
Unexpected response while processing trusted state | The extension was able to communicate with the companion app, but the API failed and a failure response code was sent back to the extension. | 1. [File a bug](https://aka.ms/wdag-fb) </br> 2. Check if Edge is working </br> 3. Retry the operation
## Related articles
- [Microsoft Defender Application Guard overview](md-app-guard-overview.md)
- [Testing scenarios using Microsoft Defender Application Guard in your business or organization](test-scenarios-md-app-guard.md)

7
windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
View File

@ -18,7 +18,7 @@ ms.custom: asr
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
## What is Application Guard and how does it work?
@ -42,10 +42,11 @@ Application Guard has been created to target several types of systems:
## Related articles
|Article |Description |
|------|------------|
|Article | Description |
|--------|-------------|
|[System requirements for Microsoft Defender Application Guard](reqs-md-app-guard.md) |Specifies the prerequisites necessary to install and use Application Guard.|
|[Prepare and install Microsoft Defender Application Guard](install-md-app-guard.md) |Provides instructions about determining which mode to use, either Standalone or Enterprise-managed, and how to install Application Guard in your organization.|
|[Configure the Group Policy settings for Microsoft Defender Application Guard](configure-md-app-guard.md) |Provides info about the available Group Policy and MDM settings.|
|[Testing scenarios using Microsoft Defender Application Guard in your business or organization](test-scenarios-md-app-guard.md)|Provides a list of suggested testing scenarios that you can use to test Application Guard in your organization.|
| [Microsoft Defender Application Guard Extension for web browsers](md-app-guard-browser-extension.md) | Describes the Application Guard extension for Chrome and Firefox, including known issues, and a trouble-shooting guide |
|[Frequently asked questions - Microsoft Defender Application Guard](faq-md-app-guard.md)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.|

96
windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
View File

@ -15,36 +15,34 @@ ms.custom: asr
# Application Guard testing scenarios
**Applies to:**
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
We've come up with a list of scenarios that you can use to test hardware-based isolation in your organization.
## Application Guard in standalone mode
You can see how an employee would use standalone mode with Application Guard.
### To test Application Guard in Standalone mode
1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard).
1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard).
2. Restart the device, start Microsoft Edge, and then click **New Application Guard window** from the menu.
![New Application Guard window setting option](images/appguard-new-window.png)
3. Wait for Application Guard to set up the isolated environment.
>[!NOTE]
>Starting Application Guard too quickly after restarting the device might cause it to take a bit longer to load. However, subsequent starts should occur without any perceivable delays.
>Starting Application Guard too quickly after restarting the device might cause it to take a bit longer to load. However, subsequent starts should occur without any perceivable delays.
4. Go to an untrusted, but safe URL (for this example, we used msn.com) and view the new Microsoft Edge window, making sure you see the Application Guard visual cues.
![Untrusted website running in Application Guard](images/appguard-visual-cues.png)
## Application Guard in Enterprise-managed mode
## Application Guard in Enterprise-managed mode
How to install, set up, turn on, and configure Application Guard for Enterprise-managed mode.
@ -59,7 +57,7 @@ Before you can use Application Guard in enterprise mode, you must install Window
3. Set up the Network Isolation settings in Group Policy:
a. Click on the **Windows** icon, type _Group Policy_, and then click **Edit Group Policy**.
b. Go to the **Administrative Templates\Network\Network Isolation\Enterprise resource domains hosted in the cloud** setting.
c. For the purposes of this scenario, type _.microsoft.com_ into the **Enterprise cloud resources** box.
@ -81,14 +79,14 @@ Before you can use Application Guard in enterprise mode, you must install Window
>[!NOTE]
>Enabling this setting verifies that all the necessary settings are properly configured on your employee devices, including the network isolation settings set earlier in this scenario.
6. Start Microsoft Edge and type <em>www.microsoft.com</em>.
6. Start Microsoft Edge and type *https://www.microsoft.com*.
After you submit the URL, Application Guard determines the URL is trusted because it uses the domain you've marked as trusted and shows the site directly on the host PC instead of in Application Guard.
![Trusted website running on Microsoft Edge](images/appguard-turned-on-with-trusted-site.png)
7. In the same Microsoft Edge browser, type any URL that isn't part of your trusted or neutral site lists.
After you submit the URL, Application Guard determines the URL is untrusted and redirects the request to the hardware-isolated environment.
![Untrusted website running in Application Guard](images/appguard-visual-cues.png)
@ -108,6 +106,7 @@ Application Guard provides the following default behavior for your employees:
You have the option to change each of these settings to work with your enterprise from within Group Policy.
**Applies to:**
- Windows 10 Enterprise edition, version 1709 or higher
- Windows 10 Professional edition, version 1803
@ -116,24 +115,24 @@ You have the option to change each of these settings to work with your enterpris
1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Configure Microsoft Defender Application Guard clipboard settings**.
2. Click **Enabled** and click **OK**.
![Group Policy editor clipboard options](images/appguard-gp-clipboard.png)
3. Choose how the clipboard works:
- Copy and paste from the isolated session to the host PC
- Copy and paste from the host PC to the isolated session
- Copy and paste both directions
4. Choose what can be copied:
- **1.** Only text can be copied between the host PC and the isolated container.
- **2.** Only images can be copied between the host PC and the isolated container.
- Only text can be copied between the host PC and the isolated container.
- **3.** Both text and images can be copied between the host PC and the isolated container.
- Only images can be copied between the host PC and the isolated container.
- Both text and images can be copied between the host PC and the isolated container.
5. Click **OK**.
@ -156,21 +155,26 @@ You have the option to change each of these settings to work with your enterpris
2. Click **Enabled** and click **OK**.
![Group Policy editor Data Persistence options](images/appguard-gp-persistence.png)
3. Open Microsoft Edge and browse to an untrusted, but safe URL.
The website opens in the isolated session.
The website opens in the isolated session.
4. Add the site to your **Favorites** list and then close the isolated session.
5. Log out and back on to your device, opening Microsoft Edge in Application Guard again.
5. Log out and back on to your device, opening Microsoft Edge in Application Guard again.
The previously added site should still appear in your **Favorites** list.
>[!NOTE]
>If you don't allow or turn off data persistence, restarting a device or logging in and out of the isolated container triggers a recycle event that discards all generated data, including session cookies, Favorites, and so on, removing the data from Application Guard. If you turn on data persistence, all employee-generated artifacts are preserved across container recycle events. However, these artifacts only exist in the isolated container and aren't shared with the host PC. This data persists after restarts and even through build-to-build upgrades of Windows 10.<br><br>If you turn on data persistence, but later decide to stop supporting it for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.<br><br>**To reset the container, follow these steps:**<br/>1. Open a command-line program and navigate to Windows/System32.<br/>2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.<br/>3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.
> [!NOTE]
> If you don't allow or turn off data persistence, restarting a device or logging in and out of the isolated container triggers a recycle event that discards all generated data, including session cookies, Favorites, and so on, removing the data from Application Guard. If you turn on data persistence, all employee-generated artifacts are preserved across container recycle events. However, these artifacts only exist in the isolated container and aren't shared with the host PC. This data persists after restarts and even through build-to-build upgrades of Windows 10.
>
> If you turn on data persistence, but later decide to stop supporting it for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.
> <!--- Inline HTML is used on the next several lines so that the ordinal numbers will be rendered correctly; Markdown would otherwise try to render them as letters (a, b, c...) because they would be treated as a nested list --->
> **To reset the container, follow these steps:**<br/>1. Open a command-line program and navigate to Windows/System32.<br/>2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.<br/>3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.
**Applies to:**
- Windows 10 Enterprise edition, version 1803
- Windows 10 Professional edition, version 1803
@ -181,10 +185,10 @@ You have the option to change each of these settings to work with your enterpris
2. Click **Enabled** and click **OK**.
![Group Policy editor Download options](images/appguard-gp-download.png)
3. Log out and back on to your device, opening Microsoft Edge in Application Guard again.
4. Download a file from Microsoft Defender Application Guard.
4. Download a file from Microsoft Defender Application Guard.
5. Check to see the file has been downloaded into This PC > Downloads > Untrusted files.
@ -195,12 +199,13 @@ You have the option to change each of these settings to work with your enterpris
2. Click **Enabled** and click **OK**.
![Group Policy editor hardware acceleration options](images/appguard-gp-vgpu.png)
3. Once you have enabled this feature, open Microsoft Edge and browse to an untrusted, but safe URL with video, 3D, or other graphics-intensive content. The website opens in an isolated session.
4. Assess the visual experience and battery performance.
3. Once you have enabled this feature, open Microsoft Edge and browse to an untrusted, but safe URL with video, 3D, or other graphics-intensive content. The website opens in an isolated session.
4. Assess the visual experience and battery performance.
**Applies to:**
- Windows 10 Enterprise edition, version 1809
- Windows 10 Professional edition, version 1809
@ -210,11 +215,11 @@ You have the option to change each of these settings to work with your enterpris
2. Click **Enabled**, set **Options** to 2, and click **OK**.
![Group Policy editor Download options](images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png)
![Group Policy editor File trust options](images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png)
3. Log out and back on to your device, opening Microsoft Edge in Application Guard again.
4. Open a file in Edge, such an Office 365 file.
4. Open a file in Edge, such an Office 365 file.
5. Check to see that an antivirus scan completed before the file was opened.
@ -224,11 +229,11 @@ You have the option to change each of these settings to work with your enterpris
2. Click **Enabled** and click **OK**.
![Group Policy editor Download options](images/appguard-gp-allow-camera-and-mic.png)
![Group Policy editor Camera and microphone options](images/appguard-gp-allow-camera-and-mic.png)
3. Log out and back on to your device, opening Microsoft Edge in Application Guard again.
4. Open an application with video or audio capability in Edge.
4. Open an application with video or audio capability in Edge.
5. Check that the camera and microphone work as expected.
@ -238,7 +243,20 @@ You have the option to change each of these settings to work with your enterpris
2. Click **Enabled**, copy the thumbprint of each certificate to share, separated by a comma, and click **OK**.
![Group Policy editor Download options](images/appguard-gp-allow-root-certificates.png)
![Group Policy editor Root certificate options](images/appguard-gp-allow-root-certificates.png)
3. Log out and back on to your device, opening Microsoft Edge in Application Guard again.
## Application Guard Extension for third-party web browsers
The [Application Guard Extension](md-app-guard-browser-extension.md) available for Chrome and Firefox allows Application Guard to protect users even when they are running a web browser other than Microsoft Edge or Internet Explorer.
Once a user has the extension and its companion app installed on their enterprise device, you can run through the following scenarios.
1. Open either Firefox or Chrome — whichever browser you have the extension installed on.
1. Navigate to an enterprise website, i.e. an internal website maintained by your organization. You might see this evaluation page for an instant before the site is fully loaded.
![The evaluation page displayed while the page is being loaded, explaining that the user must wait](images/app-guard-chrome-extension-evaluation-page.png)
1. Navigate to a non-enterprise, external website site, such as [www.bing.com](https://www.bing.com). The site should be redirected to Microsoft Defender Application Guard Edge.
![A non-enterprise website being redirected to an Application Guard container -- the text displayed explains that the page is being opened in Application Guard for Microsoft Edge](images/app-guard-chrome-extension-launchIng-edge.png)
1. Open a new Application Guard window, by select the Microsoft Defender Application Guard icon, then **New Application Guard Window**
![The "New Application Guard Window" option is highlighted in red](images/app-guard-chrome-extension-new-app-guard-page.png)

2
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md
View File

@ -42,7 +42,7 @@ In this migration guide, we focus on [next-generation protection](https://docs.m
| Feature/Capability | Description |
|---|---|
| [Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt) | Threat & Vulnerability Management capabilities helps identify, assess, and remediate weaknesses across your endpoints (such as devices). |
| [Threat & vulnerability management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt) | Threat & vulnerability management capabilities help identify, assess, and remediate weaknesses across your endpoints (such as devices). |
| [Attack surface reduction](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction) | Attack surface reduction rules help protect your organization's devices and applications from cyberthreats and attacks. |
| [Next-generation protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) | Next-generation protection includes Microsoft Defender Antivirus to help block threats and malware. |
| [Endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) | Endpoint detection and response capabilities detect, investigate, and respond to intrusion attempts and active breaches. |