How to improve security with Windows 11 Sandbox

Windows 11 Sandbox, which you may also know as Windows Sandbox, is a security feature that Microsoft debuted in the Windows 10 2019 Spring release and has maintained ever since. In case you don’t know it, say that it allows users to create an isolated environment within the system to test/run software high risk with total security or browse websites that can be dangerous without affecting the system where it is executed.

To do this, Windows Sandbox creates a temporary desktop environment by installing a super reduced version of Windows of approximately 100 Mbytes and with a separate kernel isolated from the PC where it runs. In addition to security, Microsoft mentions its efficiency and availability as advantages since it is designed to be disposable. In other words, once we have finished executing the applications and we close this tool, the entire generated environment will be deleted.

A good way to check the dangerousness of unknown applications or visit those questionable security websites through a much simpler function than using virtual machines, since you do not need to download ISO images or use hypervisors or third-party applications.

Windows 11 Sandbox

The feature maintains the minimum requirements set for Windows 10, although you already know that these have generally increased in Windows 11 with the TPM, DirectX 12 and others. To install this environment you need:

  • Windows 11 Pro, Enterprise or Education. (Windows Sandbox is not currently supported on Home versions.)
  • A PC with AMD64 architecture.
  • At least two CPU cores (four cores with hyperthreading recommended).
  • At least 4 GB of RAM (8 GB recommended).
  • At least 1 GB of free disk space (SSD recommended).
  • Virtualization capabilities enabled in BIOS.

Check virtualization capability

Like any other virtual machine, the Windows 11 sandbox requires the PC’s CPU to have virtualization enabled. On AMD processors, the virtualization feature is called ‘AMD-V’ and is enabled by default on supported models, which are typically all recent years. If you are using Intel processors their virtualization technology is called ‘Intel VT’ and is usually not enabled by default. Activation is done in the BIOS/UEFI as we saw in this how-to article.


The installation of Windows Sandbox can be done in several ways. One of them is by accessing the additional features of Windows where you will see this sandbox. For it:

  • Search for “Windows features”:

How to improve security with Windows 11 Sandbox 30

  • Enable the “Windows Sandbox” checkbox:

How to improve security with Windows 11 Sandbox 32

Another way to activate the Windows 11 sandbox is through the advanced Powershell console in administrator mode, by typing the command Enable-WindowsOptionalFeature -FeatureName “Containers-DisposableClientVM” -All -Online

How to improve security with Windows 11 Sandbox 34

In one way or another you will have to restart the computer and from then on you will see it installed in the start menu. Its execution is carried out like any other type of application. You’ll see a stripped-down installation of Windows 11 where you can install the apps you need, browse the websites you want, or copy and paste suspicious files from the host computer.

How to improve security with Windows 11 Sandbox 36

As we said above, this minimal version is completely isolated from the main system and when it is closed any type of file, configuration or task is deleted that you have done Every time you run it again you will get a new instance of this sandbox.

Like any other operating system it can be customized using simple configuration files, which provide a minimal set of customization parameters for the sandbox, controlling parameters such as virtualized GPUs, networking, boot commands, audio and video inputs, printer redirection and others.

What we use Windows Sandbox for

The tool has a variety of uses, mainly for browsing potentially dangerous websites and testing unknown applications. Some examples:

Check apps. It is not difficult to run into unknown and unreliable applications. They can be useful, but they can also be dangerous or even contain malware. Windows Sandbox allows you to do almost anything a standard PC can do including running an antivirus to check those applications.

Web navegation. The global Internet is littered with nasty sites including those that distribute malware, spam or have phishing schemes. If you want to access a suspicious website without putting your computer at risk, this isolated environment allows it. In cases of infection or risk, it is simply a matter of closing the session.

test software. It is also possible to test any type of software that, although it is not dangerous, we do not know about or are not sure we want to keep it in the future. This environment provides an ideal testing environment, as an application can be installed and run without leaving any traces in the main operating system or occupying resources, memory, storage, or the Windows registry.

File check. One of the most used ways of malware distribution comes from attachments. For example in email. If you want to review email messages and these types of files, this tone can help. The same with a document with macros or any type of file that wants to be executed. Even if it contains malware, once the environment is closed, the computer will be completely clean of it.

Very useful for the features outlined in this Windows 11 sandbox. And if you’re using Windows 10, starting with the Spring 2019 release you can install and use it the same way.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *