Dell Kace Offers Free 'Secure Browser' Virtualization Tool
- By Kurt Mackie
- July 20, 2010
Dell Kace today rolled out a free browser virtualization solution that can help protect against Web threats.
The new Dell Kace "Secure Browser" solution provides a virtualized instance of the Firefox v3.6 Web browser, replete with Adobe Reader and Flash plug-ins. It uses Dell Kace's homegrown application virtualization solution and will run on a client device without any additional supporting infrastructure.
The technology isn't exactly new as it has been part of Dell Kace's K1000 management appliance, which has an application virtualization feature called "Virtual Kontainers." Now, however, the company has opened up the Secure Browser solution for individuals or organizations to use for free. It can be downloaded from Dell Kace's Web site here.
The difference between using the free Secure Browser version and using it in the K1000 appliance is that the K1000 offers management control to IT pros. Users of K1000 can set restriction policies on multiple virtualized browsers. They have the ability to restrict where browsers can go using a white-list and black-list system, as set by IT pros. Browsers and their policies can also be remotely controlled using the K1000 system.
Secure Browser provides alerts to the user whenever a process starts to run in the browser. Bob Kelly, senior product manager at Dell Kace, said that this feature is similar to Microsoft's User Account Control (UAC), a security alert system introduced with Windows Vista. However, Dell Kace's method has some benefits over UAC, he said.
"The initial release of UAC was kind of annoying because it was popping up all of the time and didn't tell you a lot," Kelly said. "This will only pop up when the browser is trying to start something, which should be something you know about."
Users of Secure Browser are protected because any browser threats just attack the virtualized instance of the browser. If the browser is attacked, a reset button restores settings.
"The idea of containment is that all activity is protected in the sandbox," Kelly explained.
"So you might install something that thinks it's putting things in the program files and system folders and all kinds of nasty things you wouldn't want to have happen. But because it's contained in this virtual space, that's not actually occurring. It can infect your virtual instance, but not your actual PC. And that virtual instance can be easily reset with a single click."
Dell Kace does not recommend abandoning use of antimalware software with Secure Browser, but its application virtualization does add an additional layer of protection. For instance, Kelly said that it blocks zero-day browser threats.
"Even with a zero-day attack where the virus scanners don't know about it, the antimalware programs don't know about it -- whatever happens, it's going to be in that virtual space where you can click and reset," Kelly said. "So you do have a good layer of protection against vulnerabilities that are unknown."
Dell Kace plans to work on a Secure Browser solution for Internet Explorer, starting with IE 6, sometime "later this year." Firefox was picked to virtualize first because it is an open source browser and it was just easier for Dell Kace to build its application around it, Kelly said. He said that to do application virtualization, software companies have to understand what's going on "under the hood" in each browser.
In addressing IE 6 virtualization, Dell Kace will meet the needs of many organizations struggling with legacy Web apps built around that browser version, including those organizations that haven't moved off Windows XP.
"IE 6 is what we're going to start with because version 6 is beneficial in the additional sense that a lot of people still need to keep IE 6 around for compatibility with certain Web applications, and you can't run IE 6 on Vista or Windows 7," Kelly said. "So by having a virtual instance you would be able to do that."
Later, Dell Kace may work on a virtualized instance of IE 8, since that's also a requirement of many organizations, Kelly added.
Dell acquired Kace, a maker of management and deployment products, in February, absorbing about 100 to 150 employees, according to Rob Meinhardt, president of Dell Kace. Its two hardware appliances, the K1000 and K2000, work across Windows environments, as well as Mac OS and Linux. Competitors include Altiris, LANDesk and Microsoft -- particularly Microsoft's System Center Configuration Manager. Kace sells to midmarket organizations of about 100 to 10,000 persons, providing solutions aimed at simplifying tasks for IT generalists.
Meinhardt said that Dell Kace currently has 1,800 customers worldwide, with a higher than average penetration in state and local government, higher education and K-12 schools.
More information on Secure Browser will be available in a Dell Kace Webinar on Thursday, July 29, 2010 at 1:00 p.m. Eastern Standard Time. For registration, go here.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.