A new feature coming to Windows 10, for Pro and Enterprise users and it is called Windows Sandbox. Windows Sandbox is software that allows you to create a temporary isolated environment which can then be used to run a potentially suspicious app or just for testing.

Sandbox will come as part of Windows Pro/Enterprise and will be shown as a feature ready to be installed

This implementation makes it easily accessible and less work than creating a Hyper-V session for a quick test.

sand

The set up for Sandbox is very simple, once opened it’s effectively a clean and new installation of Windows, no need for a complicated set up as with other virtual environments. It has the host’s diagnostic data settings and all other privacy settings are set to the default values, totally secure and away from your network. Each time a new session is closed all settings revert to default so every session is new and fresh.

This is a very convenient security measure to have in place. You will be able to witness first-hand what an application does when run, therefore if it is harmful you can remove it from your PC without ever opening it and exposing it to your files/network as the sandbox is ring-fenced.

The reason it does not affect your PC is because it uses hardware based virtualisation for the kernel isolation. That is done by relying on Microsoft’s hypervisor (Hyper-V) to have Sandbox separate from the host.

It is in the early stages but requires Windows 10 build 18305. Obviously as this is still in beta there could be compatibility issues and performance issues.