Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, May 1, 2018 8:11 PM | 1 vote
I wanted to try a new feature in Windows 10 PRO 1803: Windows Defender Application Guard but still can not turn it on.
My way:
- I go Turn Windows features on or off -> and i see grayed icon WDAG
- Go BIOS and active: Intel Virtual Technology, Restart
- I go Turn Windows features on or off -> STILL grayed wtf ?
- Bypass: Powershell -> Enable-WindowsOptionalFeature -Online -FeatureName Windows-Defender-ApplicationGuard
- Restart PC and heureka feature now active
- Go MS Edge and button "New Appliaction Guard Windows" MISSING!
What is wrong ? My CPU support VT-x/VT-d
THX
All replies (6)
Wednesday, May 2, 2018 12:05 AM
Windows Defender Application Guard requires Hyper-V to also be turned on. So make sure Hyper V Hypervisor and Hyper -V Services are turned on along with Windows Defender Application Guard under Turn Windows features on or off .
Please see:
System requirements for Windows Defender Application Guard
S.Sengupta,Microsoft MVP Windows and Devices for IT, Windows Insider MVP
Wednesday, May 2, 2018 8:53 AM
Hi Deexer,
Check both the Hyper-V and Windows Defender Application Guard box, click/tap on OK.
Windows Defender Application Guard requires Hyper-V to also be turned on.*
*If either feature is grayed out, then you will need to enable virtualization in your UEFI firmware settings, and try again.
Hope it will be helpful to you
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, May 2, 2018 3:41 PM
Of course, the first thing I did was BIOS configuration: Intel Virtual Technology is ENABLE (I do not know what else to turn on) Yes, Hyper-V and other services fully enabled. I try WDAG disable and after restart PC again grayed. (The only option is to turn them on again via Powershell.)
Friday, May 4, 2018 4:52 PM
Can not it just be BUG? ** OR **It can not be related to the fact that my motherboard manufacturer did not release MELTDOWN / SPECTRE security fix. Therefore, it does not make sense to allow security WDAG ? I really do not know more what I would try.
Sunday, May 13, 2018 10:37 AM
Hi Deexer,
Thank you for your update and sorry for the late reply.
I create a new Windows 10 1803 machine to test and it works fine.
If you have checked the settings above, I'm afraid that it may be related to the system file after upgrade.
I suggest that you could perform an In-place Upgrade to repair or upgrade again.
https://www.microsoft.com/en-au/software-download/windows10
Hope it will be helpful to you
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Friday, March 8, 2019 2:48 AM
Hi,
I had exactly the same issue a few days ago.
For me, the reason was my computer didn't meet the recommended system requirements (4 cores and 8GB RAM, whereas my computer only had 2 cores and 4GB RAM). See https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard
You can get around this by setting some registry values (see FAQs in the above link). I added HKLM\software\Microsoft\Hvsi\SpecRequiredProcessorCount = 2 and HKLM\software\Microsoft\Hvsi\SpecRequiredMemoryInGB = 4 (both as DWORD) and then the feature became available.
Obviously the recommended system requirements are there for a reason, but performance on my machine (old i3 with 4GB RAM) was decent/acceptable and better than expected. And well worth the added security IMO.
Cheers
David
PS: if anyone knows the answer to this question, would be grateful for some help (https://answers.microsoft.com/en-us/edge/forum/all/windows-defender-application-guard-are-wdag/24c21abe-e9eb-4d3a-8841-4047b78e1d33).