Windows Sandbox
Windows Sandbox is a powerful software development and security utility that allows you to create a lightweight desktop environment that is completely isolated from the rest of the currently active Windows OS and the host machine, providing a safe and reliable way to run applications in isolation without fear of causing software instability, OS crashes, file damage on local storage, or even compromising the PC with malicious software.
How to install and use Windows Sandbox?
This allows software developers and security specialists to safely test application behavior without worrying about it interfering with the host machine's functionality.
Windows Sandbox has the following properties:
- Part of Windows: Everything needed for this capability is included in Windows 10 Pro and Enterprise. There is no need to download a VHD.
- Pristine: Every time Windows Sandbox runs, it is as clean as if it had just been installed.
- Disposable: Nothing remains on the gadget. When the user closes the application, all data is deleted.
- Security: Kernel isolation is achieved by hardware-based virtualization. It uses the Microsoft hypervisor to run a separate kernel, isolating Windows Sandbox from the host.
- Efficient: employs an integrated kernel scheduler, intelligent memory management, and a virtual GPU.
This security application has only one purpose: To offer users with a totally stable sandbox instance in which they can test various software without risk of the host machine becoming infected, crashing, or experiencing other similar effects. Once completed, the entire instance is erased, leaving no evidence of any testing procedures and discarding and deleting any data and applications. Each sandbox instance is constructed from scratch and provides an identical testing environment.
To entirely isolate each sandbox from the host computer, Windows Sandbox makes use of cutting-edge hardware-virtualization technology designed to isolate the host kernel. Each sandbox instance is established in a matter of seconds using Windows hypervisor, smart memory management, and virtual GPU technologies, allowing experienced users to test incomplete apps and harmful malware in complete isolation from the rest of their PC.
The most recent version of Windows Sandbox is tailored for usage exclusively with Windows 10 (Pro, Enterprise, or Education) and Windows 11 (save for the Home version), and it requires a 64-bit processor and virtualization capability in the host BIOS settings. Once these criteria are completed, users can easily install it on both real and virtual machines.
Usage
- Copy and paste an executable file (and any additional files required to run the application) from the host to the Windows Sandbox window.
- Run the executable file or installer within the sandbox.
- When you're done experimenting, close the sandbox. A dialog box will appear, indicating that all sandbox content will be erased and permanently deleted. Select OK.
- Confirm that your host system does not show any of the changes you made in Windows Sandbox.
- Many Windows PCs already have this program preinstalled, so users may simply activate it by heading to the "Windows Features" configuration dashboard and selecting the Windows Sandbox option. If the "Windows Sandbox" option is greyed out, this indicates that BIOS support has not been properly activated. If the service is not preloaded and does not appear on the Windows Features list, it can be installed on any suitable Windows operating system using an installation package.
Prerequisites
- Windows 10 Pro, Enterprise, or Education build 18305, or Windows 11. (Windows Sandbox is currently not supported on Windows Home edition)
- AMD64 (as of Windows 11 Build 22483) ARM 64 architecture
- Virtualization capabilities are activated in BIOS.
- At least 4 GB of RAM (8 GB is recommended).
- At least 1 GB of free disk space (SSD is preferred).
- At least two CPU cores (four cores with hyperthreading is suggested).
Starting a new Windows Sandbox is as simple as launching a program from the Start menu. Once the instance is active, a new app or software can be moved to it, installed, activated, and monitored with any required monitoring software.
PROS
- Easy to Use
- Isolated Environment for Testing
- No Risk of Permanent System Changes
- Can Run Potentially Harmful Programs Safely
CONS
- Limited Resource Allocation
- Not Available on All Windows Versions
- Requires Hardware Virtualization Support