Re: How to categorize 'desktop application firewalling'?

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2005-07-12 Bill Stout wrote:
> I'm the IT department for our company, and I'm trying to figure out
> how to simply categorize and describe our software.  
>
>               Here's the complicated description:  Our software protects Windows
> local system resources and the local network from an application
> process accessing untrusted content.  It's like placing latex around
> the application that opens untrusted content.
>                
>               What it means is, processes launched in our protected environment
> do not have the ability to; modify the registry, files on disk or the
> local network.  It also adds confidentiality by blocking processes
> accessing Internet content from read access to 'My Documents', local
> network shares, etc.  Nearly any process can be launched in this
> space, but it does it automatically for just IE and Outlook.
> Currently the software automatically detects if IE or Outlook is
> attempting to access content from outside the defined network and
> re-launches an application process in the controlled space.
>
>               The result is that with the software installed, you can purposely
> attempt to install spyware or viruses through IE or Outlook and it
> doesn't infect the machine.
>
> All the above is really difficult to explain quickly, and we end up
> describing it as anti-virus/anti-spyware software, although we don't
> recommend throwing existing software out.  
>
> Would anyone have a simpler way of explaining something that firewalls
> desktop applications from local resources?  

The word you're looking for is "sandbox".

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq