Enable Data Persistence for Microsoft Edge in Application Guard  

    Enable Data Persistence for Microsoft Edge in Application Guard

    Enable Data Persistence for Microsoft Edge in Application Guard

    Enable Microsoft Edge Data Persistence with Microsoft Defender Application Guard in Windows 10
    Published by Category: Browsers & Email
    25 Dec 2020
    Designer Media Ltd



    Enable Microsoft Edge Data Persistence with Microsoft Defender Application Guard in Windows 10


    Starting with Windows 10 Enterprise build 16188, Microsoft has made it easy to test drive Microsoft Edge with Application Guard.

    Microsoft Edge running in Application Guard provides enterprises the maximum level of protection from malware and zero day attacks against Windows. Microsoft Defender Application Guard for Microsoft Edge is a lightweight virtual machine that helps isolate potentially malicious website activity from reaching your operating systems, apps, and data.

    There is no persistence of any cookies or local storage when an Application Guard window is closed in Microsoft Edge.

    Three core features of Windows Defender Application Guard:
    • Isolated Browsing - Windows Defender Application Guard uses the latest virtualization technology to help protect your operating system by creating an isolated environment for your Microsoft Edge session.
    • Help Safeguard your PC - Windows Defender Application Guard starts up every time you visit a non-work-related site to help keep potentially malicious attacks away from your PC.
    • Malware Removal - Any websites you visit, files you download, or settings you change while in this isolated environment are deleted when you sign out of Windows, wiping out any potential malware.

    Starting with Windows 10 Enterprise build 16232, Microsoft added support for Microsoft Edge data persistence while using Application Guard. Once enabled, data such as your favorites, cookies, and saved passwords will be persisted across Application Guard sessions. The persisted data will be not be shared or surfaced on the host, but it will be available for future Microsoft Edge in Application Guard sessions.

    When you have enabled Data Persistence for Application Guard, the site you saved to your Favorites will be available for later use, with Microsoft Edge in Application Guard, even after reboots as well as build to build upgrades of Windows 10.

    Microsoft Defender Application Guard will need to be turned on for users on the PC to be able to open a new Application Guard window in Microsoft Edge.

    See also: Application Guard testing scenarios - Data persistence options | Microsoft Docs

    This tutorial will show you how to enable or disable Microsoft Edge data persistence while using Microsoft Defender Application Guard for all users in Windows 10 Enterprise and Education.

    You must be signed in as an administrator to enable or disable Microsoft Edge data persistence with Application Guard.



    Contents

    • Option One: Enable or Disable Data Persistence in Microsoft Edge with Application Guard from Local Group Policy
    • Option Two: Enable or Disable Data Persistence in Microsoft Edge with Application Guard using a REG file



    EXAMPLE: Microsoft Defender Application Guard for Microsoft Edge



    Enable Data Persistence for Microsoft Edge in Application Guard-microsoft_edge_new_application_guard_window-1.png Enable Data Persistence for Microsoft Edge in Application Guard-microsoft_edge_new_application_guard_window-2.png






    OPTION ONE

    Enable or Disable Data Persistence in Microsoft Edge with Application Guard from Local Group Policy


    1 Open the Local Group Policy Editor.

    2 Navigate to the location below in the left pane of the Local Group Policy Editor. (see screenshot below)

    Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Application Guard

    Enable Data Persistence for Microsoft Edge in Application Guard-data_persistance_in_microsoft_edge_application_guard_gpedt-1.png

    3 In the right pane of Microsoft Defender Application Guard in Local Group Policy Editor, double click/tap on the Allow data persistence for Microsoft Defender Application Guard policy to edit it. (see screenshot above)

    4 Do step 5 (enable) or step 6 (disable) below for what you would like to do.


    5 To Enable Data Persistence in Microsoft Edge with Application Guard

    A) Select (dot) Enabled, click/tap on OK, and go to step 7 below. (see screenshot below)


    6 To Disable Data Persistence in Microsoft Edge with Application Guard

    A) Select (dot) Not Configured or Disabled, click/tap on OK, and go to step 7 below. (see screenshot below)

    Not Configured is the default setting.

    Enable Data Persistence for Microsoft Edge in Application Guard-data_persistance_in_microsoft_edge_application_guard_gpedt-2.png


    7 When finished, you can close the Local Group Policy Editor if you like.






    OPTION TWO

    Enable or Disable Data Persistence in Microsoft Edge with Application Guard using a REG file


    The downloadable .reg files below will add and modify the DWORD value in the registry keys below.

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{06B65579-249A-4A42-A45F-5DE7BC943143}Machine\Software\Policies\Microsoft\AppHVSI]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{06B65579-249A-4A42-A45F-5DE7BC943143}Machine\Software\Policies\Microsoft\AppHVSI

    AllowPersistence DWORD

    0 or delete = Disable
    1 = Enable


    1 Do step 2 (enable) or step 3 (disable) below for what you would like to do.


    2 To Enable Data Persistence in Microsoft Edge with Application Guard

    A) Click/tap on the Download button below to download the file below, and go to step 4 below.

    Enable_data_persistance_using_Microsoft_Edge_with_Application_Guard.reg

    Download


    3 To Disable Data Persistence in Microsoft Edge with Application Guard

    This is the default setting.

    A) Click/tap on the Download button below to download the file below, and go to step 4 below.

    Disable_data_persistance_using_Microsoft_Edge_with_Application_Guard.reg

    Download


    4 Save the .reg file to your desktop.

    5 Double click/tap on the downloaded .reg file to merge it.

    6 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

    7 Either Sign out and sign in or restart the computer to apply.

    8 If you like, you can now delete the downloaded .reg file.


    That's it,
    Shawn






  1. Posts : 10
    Windows 10
       #1

    I'm using Windows 10 Pro N and this just isn't working for me. I've enabled it, restarted my computer, opened Edge in Application Guard and logged into my account on a website. A restart later and I'm logged out.

    Edge specifically tells me no history will be stored if I press ctrl+H in the browser.

    Is this an Enterprise-only feature?
      My Computer


  2. Posts : 64,536
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #2

    Hello Battleroyale, and welcome to Ten Forums. :)

    I just tested on my system, and it appears that it no longer works in Pro and only works in Enterprise now.
      My Computers


  3. Posts : 10
    Windows 10
       #3

    *2 years later*

    This eventually started working again, but then I decided to reinstall my computer, and now this isn't working to my great horror. For some reason, everything is still wiped when I restart the computer even with this enabled.

    Does anyone have any ideas? Do I just wait and hope the next update of W10 fixes it?

    I wouldn't mind if it weren't for all the darn cookie alerts appearing every time

    PS. This feature seems to have been renamed Microsoft Defender Application Guard. Maybe replace the pictures, etc?

    Edit: Fixed it! It would seem that in Windows 10 Education, Regedit and using the GUI can't enable this setting. Only gpedit.msc can. So thanks for that! :)

    Edit2: Aaaand now the internet connection doesn't work. Is this program cursed?
    Last edited by Battleroyale; 21 Dec 2020 at 09:28.
      My Computer


  4. Posts : 64,536
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #4

    Thank you @Battleroyale. The tutorial has now been updated for the new name.
      My Computers


  5. Posts : 10
    Windows 10
       #5

    Brink said:
    Thank you @Battleroyale. The tutorial has now been updated for the new name.
    You might want to update the picture of Edge too. It currently shows Edge Legacy, which isn't available on the latest version of Windows 10.
      My Computer


  6. Posts : 64,536
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #6

    Battleroyale said:
    You might want to update the picture of Edge too. It currently shows Edge Legacy, which isn't available on the latest version of Windows 10.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:29.
Find Us




Windows 10 Forums