Security Basics mailing list archives
How to categorize 'desktop application firewalling'?
From: "Bill Stout" <bill.stout () greenborder com>
Date: Tue, 12 Jul 2005 13:48:32 -0700
[I posted this to firewalls as a firewalls question but the moderator asked me to post this in focus-virus, and focus-virus asked me to post to security-basics. - This illustrates the problem I'm trying to solve.] I'm the IT department for our company, and I'm trying to figure out how to simply categorize and describe our software. Here's the complicated description: Our software protects Windows local system resources and the local network from an application process accessing untrusted content. It's like placing latex around the application that opens untrusted content. What it means is, processes launched in our protected environment do not have the ability to; modify the registry, files on disk or the local network. It also adds confidentiality by blocking processes accessing Internet content from read access to 'My Documents', local network shares, etc. Nearly any process can be launched in this space, but it does it automatically for just IE and Outlook. Currently the software automatically detects if IE or Outlook is attempting to access content from outside the defined network and re-launches an application process in the controlled space. The result is that with the software installed, you can purposely attempt to install spyware or viruses through IE or Outlook and it doesn't infect the machine. All the above is really difficult to explain quickly, and we end up describing it as anti-virus/anti-spyware software, although we don't recommend throwing existing software out. Would anyone have a simpler way of explaining something that firewalls desktop applications from local resources? Thanks, Bill Stout IT dept GreenBorder, Inc. www.greenborder.com
Current thread:
- How to categorize 'desktop application firewalling'? Bill Stout (Jul 13)
- Re: How to categorize 'desktop application firewalling'? Ansgar -59cobalt- Wiechers (Jul 18)
- <Possible follow-ups>
- RE: How to categorize 'desktop application firewalling'? Gaydosh, Adam (Jul 18)
- RE: How to categorize 'desktop application firewalling'? Bill Stout (Jul 18)