How to enable Windows Sandbox
When you enable Windows Sandbox, it creates an on-demand lightweight temporary desktop session to run untrusted apps without accessing files, the Windows registry, and other critical parts of the main Windows OS.
Как в Windows 11 включить Sandbox?
Если вы хотите скачать какое-то приложение, но не уверены в его безопасности и производителе, то для такого случая компания Майкрософт предусмотрела Sandbox или Песочницу – среду, эмулирующую Windows 11, но изолированную от основной установки.
В Windows 11 Песочница добавлена только в сборки Pro и Enterprise. В ней используется технология Microsoft Hyper-V для создания легкой виртуальной машины для запуска отдельного ядра, которое отделяет сеанс Windows Sandbox от хоста. Невзирая на такую безопасность виртуальной среды, недостатки песочница Windows 11 все же имеет. По окончанию тестирования и закрытия Sandbox, все функции удаляются и заново придется устанавливать виртуальную Windows 11 и приложения. Однако, учитывая тот факт, что инсталляция облегченной эмулированной Windows 11 занимает всего пару минут, то это лучше, чем потом восстанавливать файлы после неудачной установки зараженного софта и т д.
Как включить Sandbox в настройках Windows 11?
Если вам нужна виртуальная среда в Windows 11, то для включения Песочницы необходимо выполнить следующие действия:
- Нажимаем «Пуск», «Панель управления» и выбираем «Программы».
- В разделе «Программы и компоненты» выбираем «Включение и отключение компонентов Windows».
- Появится небольшое окно. В списке находим Windows Sandbox.
- Виртуальная среда в Windows 11 включена.
Для того, чтобы начать использовать Sandbox в Windows 11, стоит перезагрузить ПК, а далее запустить элемент и начать установку виртуальной ОС и приложений.
В Домашней версии Windows 11 включить Sandbox можно, следуя инструкции из видео:
How to enable Windows Sandbox
Windows 10 and Windows 11 (Pro and Enterprise Versions) include a great feature called Windows Sandbox.
If you aren’t familiar with operating system virtualization, you can read my overview of virtualization in, What is Virtualization.
Windows Sandbox provides a disposable virtual environment that will discard all changes in the virtual environment after you close the session. This gives you the flexibility to test changes in the registry test software in a non-persistent environment without needing to create a full virtual machine, install an operating system for your virtual machine, or configure networking (there are pros and cons about this and I will discuss that later).
To enable Windows Sandbox, you need to to make sure your physical machine supports virtualization, that your physical machine’s BIOS has virtualization turned on, and there are some minimum hardware requirements to use Windows Sandbox 1 but for most people those will not be a problem.
If you want to use Windows Sandbox in a virtual machine and the host Operating System is running Windows, you will need to enable nested virtualization. To do that, you will need to open PowerShell as an Administrator and run the following command 2 :
Set-VMProcessor -VMName \ -ExposeVirtualizationExtensions $true
To enable Windows Sandbox using Windows’ UI, you would click Start, type “Turn Windows features on and off”, and click “Turn Windows features on and off”.
You will need to scroll down until you see the Windows feature named, Windows Sandbox, check the checkbox next to that Windows feature, and click the OK button.
You will need to restart your computer to finish installing the Windows feature.
If you prefer to install Windows Sandbox using PowerShell, you can open PowerShell as an Administrator and run the following command 3 :
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online
After you restart your computer, you can click the Start button, and type Windows Sandbox. Clicking the item for Windows Sandbox will start it with its default configuration.
I will discuss how to customize Windows Sandbox in the next article. For now, enjoy experimenting with Windows Sandbox (but don’t use it to analyze suspicious programs using the default configuration).
THE CONTENT OF THIS POST IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE CONTENT OR THE USE OR OTHER DEALINGS IN THE CONTENT.
How to Enable Sandbox in Windows 11
This post shows students and new users how to enable Windows Sandbox when using Windows 11.
Microsoft introduced the Windows Sandbox feature starting with Windows 10 to help create a secure environment that isolates running apps from the main systems.
This is feature is very useful, especially for security professionals testing apps that are not trusted or are unknown.
When you enable Windows Sandbox, it creates an on-demand lightweight temporary desktop session to run untrusted apps without accessing files, the Windows registry, and other critical parts of the main Windows OS.
Apps already installed on the system won’t have access to the secured Sandbox environment. You must first enable Windows Sandbox, then install untrusted apps you want to test or run from within the Sandbox environment.
To enable Windows Sandbox in Windows 11, follow the steps below:
Enable Sandbox from Apps and Features
To enable Windows Sandbox from Apps and Features, press the Window key + R to open the Run apps box. Then type in the commands below into the box and press Enter to open.
optionalfeatures.exe
When the Windows optional features panel opens, select Sandbox from the list and install.
Install from Command Prompt
Another way to enable and disable Windows Sandbox is via Windows Command Prompt. If you’re logged in as administrator, use Windows search and open the Command Prompt as administrator.
Then run the commands below to enable Windows Sandbox feature.
dism /online /Enable-Feature /FeatureName:"Containers-DisposableClientVM" -All
After running the commands above, restart your computer for your changes to apply.
If you want to uninstall Sandbox, run the commands below:
dism /online /Disable-Feature /FeatureName:"Containers-DisposableClientVM"
Enable Windows Sandbox via PowerShell.
Windows Sandbox is also enabled and disabled via PowerShell. To enable via PowerShell, use the Windows search feature to open PowerShell as administrator.
When PowerShell opens, run the commands below to enable it.
Enable-WindowsOptionalFeature -Online -FeatureName "Containers-DisposableClientVM" -All
Restart your computer for the changes to apply.
To disable via PowerShell, run the commands below:
Disable-WindowsOptionalFeature -Online -FeatureName "Containers-DisposableClientVM" -Online
That should do it!
Using Windows Sandbox
Now that Sandbox is enabled, log in and begin using Windows Sandbox to test untrusted apps.
That’s should do it!
Conclusion:
This post showed you how to enable or disable Windows Sandbox when using Windows 11. If you find any error above, please use the comments form below to report.
Comments are closed, but trackbacks and pingbacks are open.