Allow data persistence for Microsoft Defender Application Guard

This policy setting allows you to decide whether data should persist across different sessions in Microsoft Defender Application Guard.

If you enable this setting, Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.

If you enable this setting, you can still delete a user's data from a specific device using the Reset-ApplicationGuard PowerShell command. Running this command deletes all employee data, regardless of configuration, and can result in data loss for the employee.

If you disable or don't configure this setting, Application Guard deletes all user data within the Application Guard container.

Supported on: Windows 10 Enterprise, Windows 10 Education, or later

Registry PathSOFTWARE\Policies\Microsoft\AppHVSI
Value NameAllowPersistence
Enabled Value1
Disabled Value0


Administrative Templates (Computers)

Administrative Templates (Users)