Is there so called white-list feature on Internet security 2014 ?

Hello

 

Is there white-list mode on Internet Security 2014 ?

By this I mean that, No program regardless of bugs/scripts/etc... would run when this mode is active, unless it's on the list.

Or is there at least way sandbox the browser(s) ?

 

Br,

Tajuton

Accepted Answer

Comments

  • tajutontajuton Posts: 14

    When these functionalities you described will be implemented in Internet Security (mainly the sandboxin) ?

    I would like to get all security functions on one program.

     

    br, 

    Tajuton

     

  • UkkoUkko Posts: 3,213 Superuser

     

    All of that functions work are real-time.

     

    If you want always work with "sandbox" - probably you are need to use something like "virtual machine with linux" (for example).

    But also just to use "sandbox" (like was Norman Sandbox or now have in Comodo; or just special programs like typical Sandbox or more other close to default - Shadow User) - some kind of outdate thing for protection:
     - it's not give a most protection  - during your "waiting" "most protection".

     - most popular of sandbox-programs (just sandbox or typical technologies) - are vulnerability.

     - here need to understand - for which reasons... you are have "need" in sandbox (it's can be different - and because that - can be different required steps);

     

    -----------------------

     

    F-Secure IS include most modern protections tecnologies in one system. It's have a little different, which not always close to "suspicious" actions - and because it - can be in that steps - not better and modern technologies, but most needful are nice.

     

    Also F-Secure IS supported for modern browsers - all of them have better sandbox-technologies inside, than it's can be by ther programs. Also - it's probably one of better steps for protection during browsing. F-Secure IS just increase that protection - if you are use browser with "default" or close to "default" (in better side) settings.

     

    Why F-Secure IS don't have a "typical" sandbox?

     

     probably here can be next reasons:

    - it's take more resources, than need.

    - it's take new vulnerability in system.

    - you are think that it's work like "BEST" - but in fact - all "sandbox" (like module/program) - work worst.

     

    Now how I can to understand - F-Secure IS (and already some time ago) change local sandbox to "cloud"-sandbox technologies.

     It's create a "fast", "powerfull" and "security" sandbox. Totally.

     

    Also during all analysis for any files or other activity in system - one of layer for analysis - it's virtual "analysis" with "sandbox-technologies" and "emulation". It's mean - all automatically and etc.

    If its suspicious (malicious blocked as default) - user receive question about "next actions" - probably all really suspicious will be detected by DeepGuard (except probably most targeted attacks for user - but here..... probably just user can to protect against that steps) - and if DeepGuard ask about some of suspicious files - it's already give that files to "modern sandbox technologies inside" - it's not like "totally" sandbox - but better for normally work with system.

     

    Also you can be careful - if you just want "break" system - it's not hard to do. It's mean except good and best protection (by F-Secure, for example). You have to increase your knowledge about "web safety" - it's need just for your nice emotions during work with system.

     

     

     

    About white-list - it's have like "reputation", "cloud" and etc. during launch and work for detected suspicious or known "white" behavior.

     

    If you want to launch any programs - if that malicious program (known) - possible no way to launch that (except turn off protection). Just because it's security as default.

     

    All other points - can to add as exclusion for scan (manual / real-time scanning) and if DeepGuard give the alert about  - you can to allow program (if you are sure... that it's OK).

     

    Anyway... technologies like "white-list" and no one other.... you probably mean something like have in VoodooShield - it's good and nice, but not better protection. Also it's give for you - a lot of work with that during create a "setting" for "white" programs.

    That technologies.... just "improving" application control - which in some cases - you can do just by system (Windows, for example) resources.

    Also application control - it's mean "good and best" protection - just if user totally ready for work with that. But most companies (if it's not in main theme - a firewall) goes to other technologies from just "application control".

     

    F-Secure IS have modern automatically application control in new means (new here - just better protection and work for the mechanism). Previously DeepGuard/F-Secure had typical "application control" - but now - without that.

    Now F-Secure and DeepGuard - it's multilayers protection with "main" pro-active complex, which can to use "application control" by automatic analysis during launch/work any programs. It's possible to setting some points - which can to give "better" or "less" protection - but always that mechanism means:

     

         - you meet "false positive" more rare;

         - you have speed, nice, light and close to best protection;

         - if you meet alert (which can be "false positive") - it's just mean or you have "setting" for best protection or it's really suspicious (include "unknown" suspicious - which not somewhat trust yet);

     

    If you are use modern Windows system - you also have sandbox/virtualisation/emulation protection inside system. For example, Windows 8.

    Also here you have UAC - which can to protect you in same case like sandbox (if you are all do right - you are protection; if you are not sure - not sure a protection).

     

     

    All of that means:

     

     If you are choose F-Secure IS - you are choose "one program" in your system - which have most important layers and technologies to best your protection.

    You can choose another - but all of them - can to have:

      - or less protection status;

      - or be without so good integration with system protection mechanism;

      - or be good or nice, but technologies close to "so often be with crashes" or need so high resources for work;

     

    But, of course, you can improve F-Secure IS by some other programs (like it's can be or recommend something like "NoScript" or "Adblocks") - it's OK. But you must be prepare to "conflict" between that programs. It's not mean - that your system crash down. Just... it's mean... that something can to go wrong.... in some cases... in some moments...

     

    Here better - if you decide.. which style in using web you have - and checking... all points you filled by F-Secure IS or not.

    Possibly - most "not aggresive style" totally flling by F-Secure IS.

    Chrissytajutonyeoldfart
This discussion has been closed.