I'm very excited that Microsoft is moving in the same direction. The feature Windows Defender Application Guard (WDAG) runs Windows applications, right now only the Edge browser, in a virtualization-isolated container[1]. Under the hood it's using what Microsoft calls "Hyper-V Containers", which are lightweight virtual machines that share some host resources such as a read-only filesystem. The closest open source analogues to that are Intel(R) Clear Containers[2] and Qubes.

The closest you can get to Qubes on Windows would be to follow Microsoft's Privileged Access Workstation (PAW) guide, but it requires a lot of additional infrastructure[3]. That infrastructure allows you to do remote attestation of the virtual machines, but makes it costly to deploy in an SMB or homelab environment.

I don't expect it'll be very long before PAW and WDAG are usable at the same time, with colored window borders indicating the origin virtual machine. I hope this is on Microsoft's roadmap.

Video on privileged access workstation use, starting at a demo: https://youtu.be/3v8yQz2GWZw?t=41m48s

Video on privileged access workstation setup: https://www.youtube.com/watch?v=aPhfRTLXk_k

[1] https://docs.microsoft.com/en-us/windows/threat-protection/w...

[2] https://clearlinux.org/features/intel®-clear-containers

[3] https://docs.microsoft.com/en-us/windows-server/identity/sec...

I think that "The closest you can get to Qubes on Windows" is what https://www.hysolate.com/ are building.

>Virtual Air Gap

lol. The whole point of an airgap is that you can very easily, at a glance, verify that the system is secure because there are no inputs/outputs to/from it (air gapped). Trying to implement it using a hypervisor turns it into a buzzword.

It might no longer be as simple as at a glance in a world with ubiquitous wireless. You'd have to take special care to disable or disconnect all wireless chips in your system. And that might be hard for laptops and impossible in lower form factors.

Even without radios, there are lots of different ways to get data in and out of an airgapped system. Examples include everything from sound (especially ultrasonic beacons etc., as these are used for cellphone marketing today) to more esoteric stuff like flashing the LEDs in a specific pattern or even changing the CPU temperature to specific levels.

Or how about the AM radio transmitter that is built into all x86 hardware - https://github.com/fulldecent/system-bus-radio