I suggest that you look to see if the Windows 7 template is actually
updated.
It is not. It cannot be (as discussed here. Even if it could, I don’t want it to be (at least not automatically with all other VMs through the Salt formula). I would like it and its AppVMs to be explicitly network isolated.
How to do this?