Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

Sandboxing is a Form of Virtualization – and has its Drawbacks

by Neil MacDonald  |  July 22, 2010  |  1 Comment

On 20 July 2010, Dell KACE introduced a free “sandboxed” version of Firefox for download by anyone. Using its Kontainer application virtualization technology, Dell KACE isolates attacks on the browser from infecting the rest of the system.

The idea of isolating the activities of a potentially harmful application (sandboxing) isn’t new. Isolation via virtualization/sandboxing of OS resources has been used for years in the various host-based intrusion prevention solutions I research – for example McAfee HIPS, Symantec Critical System Protection, Cisco CSA, Trustware, ForceField and others

With the Dell KACE solution, the technique of isolation is applied to the browser, but this isn’t new either. One vendor providing this, GreenBorder, was acquired by Google back in 2007.

Essentially, attacks on the browser are isolated from the rest of the OS. Straightforward enough, but there are some issues. The act of virtualizing the browser also means that “good” changes to the browser are also isolated (say a user adds their own plug in). If and when you need to reset the browser container back to a known good state, all of the legitimate changes are thrown out as well, frustrating users. Likewise, administrators may want to propagate out a change to all virtualized browsers and there needs to be management infrastructure to make these types of changes “permanent”. Also, attacks that target the user (not the OS) are remain a risk – we haven’t virtualized the user (yet!). Finally, you still have the challenge of detecting when an attack has been successful and that the virtualized browser indeed needs to be reset. This is complicated by the fact that traditional OS-based security products running outside of the virtualized browser may or may not see into the virtualized container.

The best deployment scenario for this type of solution will be environments which are reset back to a known good state after each session – enterprise classrooms and training facilities, call centers and educational institutions.

1 Comment »

Category: Virtualization Virtualization Security     Tags: , ,

1 response so far ↓

  • 1 Rob Meinhardt   July 26, 2010 at 3:53 pm

    Thanks for your insights Neil. From a Dell|KACE perspective, I would add that integrating the virtualized browser with the management console (which we’ve done) improves the manageability of the contained environment and, because of that, makes the virtualized browser a more powerful platform for delivering a secure environment for web-browsing and web-apps.