Sandbox Could Be Key to the Future of Windows (Premium)

With Windows Sandbox, Microsoft is taking a big step towards doing exactly what I've been calling on the company to do for years: Figure out a way to isolate, or contain, legacy desktop applications from the system in a way that doesn't require a complex and manual Desktop Bridge conversion process.

What amazes me most about this development is that Microsoft has been working on the underlying technologies necessary for this solution for decades. And I can only assume that the firm's terrible side-track into a so-called "modern" app platform---first in Windows 8 but continued in Windows 10---is what delayed its inevitable appearance now. But there's no reason to cry over a lost decade. Microsoft is finally on the right track.

That said, there's a long way to go, too. From what I can tell, Sandbox functionally brings us back roughly to the initial desktop virtualization solution that Microsoft first introduced to enterprises in the early 2000s in the form Microsoft Enterprise Desktop Virtualization (MED-V).

For those unfamiliar, MED-V was based on the Virtual PC technologies that Microsoft had acquired with Connectix in 2003, adding an IT-controlled management layer. It allowed businesses to upgrade PCs to the latest Windows version while running an older Windows version, with specific applications that were incompatible with the host OS, in a virtual environment. Those applications appeared in the Start menu alongside native applications and each could run side-by-side. So it was a theoretically seamless experience for users.

Microsoft later provided a truly seamless application virtualization called Microsoft Application Virtualization (App-V). With App-V, each virtual application that was deployed to a client PC ran in its own self-contained virtual environment. So each virtual app was isolated both from the host PC and from any other virtual applications. App-V is more elegant than MED-V from the user's perspective, and it requires fewer system resources on the host PC. But it does require a server infrastructure by which these virtual applications are "streamed" to client PCs.

Sandbox is not the same thing as MED-V or even Virtual PC. But like MED-V, it relies on a PC-hosted virtual environment that provides a full desktop experience inside of a window on the host PC which is, to that host PC, just another application.

That virtual environment is far more efficient than MED-V ever was 15 years ago.

For one, it runs on the hypervisor used by Hyper-V, offering better performance and hardware integration. And the virtual environment itself is, as Microsoft says, more "lightweight" than a full virtual machine because it doesn't use a big virtual hard disk (VHD); instead, it just makes a copy of the necessary parts of the host PC's installed OS.

Furthermore, where the virtual environment provided by MED-V was persistent and could thus change over time, that provided by Sandbox is new, or "pristine," as Microsoft put...