@ MODS

Discussion in 'sandboxing & virtualization' started by Kees1958, Apr 15, 2010.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Moderators

    Sandboxing & virtualisation is a 'container' definition which is now allocated in the software, hardware, etc.

    When you look at the context in which this is used it focusses primarely on application, file and hardware virualisation.

    In my opinion it would be better off in the security software forum. In this forum other AV, AT, AM are allready mentioned as a 'catch' net of other security technologies. Adding two more other catogories would be more appropriate

    Other Application, File and Hardware virtualisation & replication
    ** SBIE, Returnil, Virtual Box, CTM, AyRecovery, etc

    Other policy, and sandbox containment
    ** Pretty Good Security, Appguard, OS-internals (like SRP, ACL, AppLocker, XP mode, etc), DefenseWall, GesWall, (Code Emulation) Sandboxes of AV's, etc

    Regards Kees
     
    Last edited: Apr 15, 2010
  2. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's way too much imho. I see your point, but I really don't think it needs all those separate categories. I agree that Sandboxing and Virtualization is a category better suited for the Security section, as long as it does stay a separate category in said section. Here's how I would lay it out:

    "SBIE, Returnil, Virtual Box, CTM, AyRecovery, etc". This should honestly stay in the Sandboxing and Virtualization section. It's exactly what they are, and that's the best area for them.

    "Pretty Good Security, Appguard, OS-internals (like SRP, ACL, AppLocker, XP mode, etc), DefenseWall, GesWall, (Code Emulation)". Actually, if you look through the "Other Security Issues and News" section, it would fit right in there.

    AV sandboxes, I really don't see a need for them to be anywhere else but the AV section. After all they are a part of their respective AV programs.

    Just my two cents.

    Edit: To further explain, I just don't see a need to add a lot of categories where it isn't needed. For one thing it clutters up the main page (the list of sections is already a bit long as is.), for another, some topics are closely related to another and should really just be dumped in with their related sections.
     
    Last edited: Apr 15, 2010
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    I agree that the proposed layout is a bit too much, (i.e. too complex) and is really not necessary.

    I disagree that sandboxing and virtualization belongs in the security software section. Yes, as a security forum, many members here use them almost entirely as security tools. And, for Marketing purposes, most of the vendors sell these products as security tools. However, virtualization in particular, and even sandboxing to some extent, is about isolating the real system resources from a runtime environment, which in many cases is used for things such as software testing or maintaining system state.

    VMware and the various Microsoft virtual machine products started out as testing tools. Deep Freeze was mostly intended as a software that constantly reverts a systems state to a known, specific configuration. A key target market was always kiosk and shared, public PCs. Security is a side benefit, but, it's the constant returning of the system to its desired configuration that is the main purpose.

    The second set of tools which are not pure sandboxes or even virtualization, and are called everything from "subname" HIPS to Behavior blockers, those are more directly security software products, and likely should stay in other anti-malware software at this point in time. As a sign of that, the current trend of AV, FW and AS products to add and enhance their HIPS like control and intelligent behavior monitoring, shows that those are primarily goals of many security softwares. As a side point of that, the sandboxes and virtualization components within an AV, FW or AM product, need to be considered as a part of that product and likewise stay in the main security software sections dedicated to those product types.
     
Thread Status:
Not open for further replies.