Posey's Tips & Tricks

Windows Sandbox: An Easy Alternative to Windows 10 VMs

Hyper-V virtual machines have their uses, but the sandbox feature in Windows 10 can work just as well, is easier to set up and takes up much less disk space.

• By Brien Posey
• 05/10/2021

Since I first adopted Windows 10, I have kept a Windows 10 virtual machine (VM) installed on my desktop. When I created this VM -- and as I rebuilt it following new Windows 10 releases -- I made a checkpoint of the VM while it was in a pristine condition. That way, I could use the VM to test various procedures and to install software that I wouldn't necessarily want on my primary desktop operating system. Whenever I'm finished with what I'm doing, I simply use the checkpoint to roll the VM back to a pristine state.

This technique works really well, but it is not the only way to create an isolated Windows 10 environment. Windows 10 Pro and Enterprise include a "sandbox" feature where you can run untrusted software and experiment with configuration changes without putting your machine's primary operating system at risk and without the hassle of setting up a VM. 

Setting up the sandbox environment is an easy process. Begin the process by verifying that you are running Windows 10 build 18305 or newer and that your machine supports hardware virtualization. Next, open the Control Panel by entering the Control command at the Windows Run prompt. Once the Control Panel opens, click on Programs, followed by the Turn Windows Feature On or Off link. Finally, select the Windows Sandbox option from the list of features, as shown in Figure 1, and click OK.

Once Windows Sandbox is installed, you can launch it from the Start menu by clicking on the Windows Sandbox icon. Figure 2 shows what Windows Sandbox looks like.

As you can see in the figure, Windows Sandbox looks a lot like a Hyper-V VM. Even so, there are several key differences. For starters, you will notice that I did not access the Windows Sandbox through the Hyper-V Manager, nor did I access it through an RDP session.

Another key difference between a Hyper-V VM and the Windows Sandbox is that I did not have to complete any sort of setup process beyond the steps listed above. In other words, Microsoft has automatically deployed a pristine copy of Windows 10 without me having to install Windows. This copy of Windows automatically reverts back to a pristine state at the end of each sandbox session.

One more difference between a Hyper-V VM and the Windows Sandbox environment is that the sandbox loads far more quickly than Windows 10 running on a Hyper-V VM.

The reason why Windows Sandbox is so different from a Hyper-V VM is because it is based on Windows Containers. For those who do not have a background in containers, they have a lot of similarities to VMs but are much lighter. The reason containers can be so lightweight is because unlike a VM, containers do not have a dedicated operating system. Instead, the containers running on a system share a common base image (the operating system kernel). As such, containers generally only contain the files, registry settings and other elements that are required to make a particular containerized application run.

One of the problems Microsoft had to address when creating the Windows Sandbox was that although it uses the computer's primary desktop operating system as a base image, some of the Windows operating system's files can change over the normal course of using Windows. As such, Microsoft had to create the concept of a dynamic base image. This dynamic base image contains pristine copies of the files that can potentially be modified, but the other operating system files within the sandbox are actually just links back to the same system files that the parent operating system is using.

One of the benefits of this approach is that the sandbox environment doesn't take up much disk space. The entire sandbox operating system only takes up about 100MB of space, whereas a full-blown copy of Windows 10 normally consumes several GB of space.

While the sandbox's small size probably helps it boot so quickly, the main reason why the sandbox is able to load so fast is that the first time you boot the sandbox, Windows writes the sandbox's memory contents and CPU state to disk. The next time you use the sandbox (and on each subsequent use), Windows simply loads this previously saved state rather than booting the sandbox OS from scratch.