The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Device Guard and Credential Guard Hardware Readiness Tool for Windows computers

Download Windows Speedup Tool to fix errors and make PC run faster

Microsoft has released a Device Guard and Credential Guard Hardware Readiness Tool that will allow customers to enable Device Guard or Credential Guard & check if their Windows 11/10 or Windows Server hardware is ready for it.

Windows Server 2016

Device Guard is a group of key features, designed to harden a computer system against malware. Its focus is preventing malicious code from running by ensuring only known good code can run.

Credential Guard is a specific feature that is not part of Device Guard that aims to isolate and harden key system and user secrets against compromise, helping to minimize the impact and breadth of a Pass the Hash style attack in the event that malicious code is already running via a local or network based vector.

The two are different, but complimentary as they offer different protections against different types of threats. Let’s dive in and take a logical approach to understanding each. It’s worth noting here that these are enterprise features, and as such are included only in the Windows Enterprise client.

Device Guard is a firmware that will not let un-authenticated, unsigned, unauthorized programs as well as operating systems to load. It is a combination of hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications.

Credential Guard is one of the main security features available with Windows 11/10. It allows protection against hacking of domain credentials thereby preventing hackers from taking over the enterprise networks. Along with features like Device Guard and Secure Boot, Windows 11/10 is more secure than any of the previous Windows operating system.

Device Guard and Credential Guard Hardware Readiness Tool

This tool is a Windows PowerShell script and needs to run with elevated permissions.

It can be used in the following ways:

  • Check the status of Device Guard or Credential Guard on the system
  • Check if the hardware can run Device Guard or Credential Guard and is compatible with the Hardware Lab Kit tests
  • Enable and disable Device Guard or Credential Guard
  • Integrate with System Center Configuration Manager
  • Use an embedded ConfigCI policy in audit mode.

You can download it from Microsoft.

AnandK@TWC

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP (2006-16) & a Windows Insider MVP (2016-2022). Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap