What do you call DefenseWall/GeSWall/AppGuard/BufferZone

Discussion in 'polls' started by Brandonn2010, Jun 9, 2011.

?

What would you call DefenseWall/GeSWal/AppGuard/BufferZone

  1. policy-based sandbox

    12.5%
  2. policy-based HIPS

    3.1%
  3. policy-based sandbox/HIPS

    34.4%
  4. policy-based HIPS/sandbox

    6.3%
  5. policy-restriction HIPS

    15.6%
  6. just "HIPS"

    15.6%
  7. other

    12.5%
  1. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Right now I have this informative website, that unfortunately is not online because I can't find anywhere I could host it for free. I mainly email it to friends and family who could use some info on computer security.

    Anyway, I have different pages for different types of programs. Right now I have one called HIPS/Sandbox for standalone HIPS programs (of which I only have WinPatrol), as well as Sandboxie, DefenseWall, GeSWall, AppGuard, and BufferZone. Since DefenseWall, GeSWall, AppGuard, and BufferZone are in a league of their own, I want to have a separate page for programs like them. Right now I am calling them policy-based sandboxes, but I want a more accepted term.

    Sorry for the large post: please vote for what the most accurate term would be for the four programs.
     
  2. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    I thought that BufferZone is primarily an application virtualisation program, similar to Sandboxie, whereas the other three programs are all similar in that they primarily work by applying restrictions to processes running within the real system, not by isolating processes from the real system.

    DefenseWall, GeSWall, and AppGuard all apply restrictions to running processes by applying a policy that determines what applications are and aren't allowed to do. In that sense the terms policy-restriction and policy-based are both applicable, and I don't see any fundamental difference between them, as it is the enforcement of the policy that creates the restrictions.

    I voted other because not everyone would agree that, when talking about programs such as DefenseWall, GeSWall, and AppGuard, the terms Sandbox and HIPS are applicable, so it may be better to avoid the use of these terms.

    The problem with the term Sandbox is that, for many people, the term sandbox implies isolation from the real system, not just restriction within the real system. There have been several threads where this has been previously discussed and the main point of issue is well summarised by the following quote from the FAQs page on the GeSWall website, explaining why the developers don't consider GeSWall to be a sandbox: -

    "Q: What is the difference between GesWall and sandbox products?
    A: GeSWall is not a sandbox. Perhaps the best sandbox you can afford is a separate machine or VmWare/VirtualPC, the rest is by definition incomplete solutions and will always have some flaws. Virtualization/sandboxing solutions create strictly separated environments. The less links between these envelopments and the rest of the system then better a sandbox is. That is a reason for usability problems. It is OK to run a browser there, but you would be reluctant to use e-mail client within a sandbox. Instead of breaking the links, GeSWall tracks an untrusted application data-flow: files, registry, etc. For example, GeSWall does not prevent a new file to be created by a browser, but it tracks out files created by isolated applications and isolates (restricts) an application that uses those file."


    Similarly, the problem with the use of the term HIPS is that, as with the term sandbox, there isn't a universally agreed definition of what is meant by HIPS. As HIPS just stands for "Host-based Intrusion Prevention System", in theory it could apply to any security program that runs on the host system with the aim of preventing intrusion, which could include firewalls and AVs. However, most people don't accept such a broad definition and the term is usually taken to mean security programs that are behaviour based, but that's where the agreement ends. For some people, the term HIPS is used to describe any kind of non-signature based software. For others, the term HIPS is used only in relation to what is sometimes called classical HIPS, e.g. Comodo Defense+ and similar programs.
     
  3. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
    What is the difference between policy-based sandbox/HIPS and policy-based HIPS/sandbox o_O?
     
  4. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Please read my post first to see if you think the terms sandbox and HIPS apply to policy-based software. If you still want to use both terms, it doesn't matter which order you apply them: the meaning is the same. If something is both a HIPS and a sandbox then, by implication, it must also be a sandbox and a HIPS. :)
     
  5. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Is there any way to edit the poll; I want to add another option. This would be "policy-restriction software" or "policy-restriction programs". That is specific enough to separate the four programs from other types of programs like behavior blockers and HIPS, but doesn't include sandbox which doesn't quite apply to them all. What do you think of that?
     
  6. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    The only one that i know a bit in that list is DefenseWall, and i've always considered it's just a restriction based HIPS :D
     
  7. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    What do you call DefenseWall/GeSWall/AppGuard/BufferZone ?

    I call them 'Leave Real-Time Anti-Malware Scanners Aside'...:D
     
  8. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    I call DefenseWall awesome computer security. :D
     
  9. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    No doubt.
     
  10. Francis93

    Francis93 Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    311
    DefenseWall is policy-based sandboxing-style Firewall and Host Intrusion Prevention System. :cool: The best! :thumb:
     
Loading...