Navigating Virtual Browsers at Work

Virtual browsers offer something old and something new as vendors aim to provide real security with virtual technology.

The Web browser is the principal tool by which we all connect to the Internet to consume content. It's also one of the principal tools that attackers use to get at your personal data and compromise your computer.

This helps explain a key trend with Web browser development and security features: virtual browsers.

For example, HP just announced its own virtual browser offering, developed with Mozilla in conjunction with its brainchild, Firefox.

Google recently lit up the market with its own Chrome beta that offers sandbox features for securing a user's system from malicious code. Check Point's Force Field software is offering security browsing features to customers that deploy virtualization.

Virtual browsers have been around for a while, but they're getting a closer look as security progresses on the Web. One core argument for using virtual browsers is that a virtual browser is inherently safer than a browser running natively.

Take the HP Firefox browser. It works by way of a virtualization layer from Symantec's Alitiris division, which it calls Software Virtualization Services(SVS).

"SVS is software virtualization and it's similar to Virtual Machine (define) technology but instead of sandboxing an entire operating system what you're doing is sandboxing the application from the rest of the operating system," explained Kev Needham of Mozilla, which develops the Firefox browser that HP is offering with its dc7900 desktops.

"So anything that changes gets put in a box and doesn't affect the underlying system. If anything goes wrong with it, it doesn't have direct access to the operating system," he said.

The idea of separating the browser from the underlying system is an approach used by a number of vendors to mitigate potential risk.

"A browser compromised by malware will not be able to manipulate the file system or registry if it is virtualized because it is not integrated with the rest of the system," Kurt Roemer, chief security strategist at CitrixSystems, told InternetNews.com.

Citrix has been providing remote desktop solutions for a decade, and in recent years has moved squarely into the virtualization space with the acquisition of XenSource.

Roemer noted that Citrix, XenApp and XenDesktop solutions currently enable users to virtualize their browser. "By virtualizing applications, we can virtualize any style application, even browsers, and have been doing it for over 10 years," Roemer said.

Roemer also noted that a virtualized browser also offers greater consistency by enabling better version control and control over the patch process. This helps corporate IT departments be aware of the state of the browser running on all systems company-wide.

While Citrix offers one approach to virtualization, another is the one utilized by Check Point's Force Field software. With Force Field, there is a virtualization layer between the browser and the operating system that shields one from the other. Check Point has also layered in anti-phishing and anti-spyware, and key logger jamming as part of the solution.

VMware also has a VirtualBrowser appliance based on its VMware Player technology, but it does not include integrated layered security. VMware was not available for comment by press time.

From Check Point's perspective, the move toward browser virtualization by HP and, Google sandboxing is a sign of the times.

"This announcement from HP, as well as Google's beta of Chrome, all emphasize the need for Web browser security and the value of using virtualization for Web browsers," John Gable, director of product marketing for Check Point's ZoneAlarm consumer division, told InternetNews.com.

Gable argued that ZoneAlarm ForceField also provides a level of security not included in Chrome or described in the HP announcement.

"Any browser, running natively or otherwise, is vulnerable to browser exploits that by-pass its defenses to attack the PC and access user information," Gable said.

"In addition to creating a virtualized browser session, ZoneAlarm ForceField also combines active security layers to provide users protection against phishing attacks (define), spyware and other forms of malware. This is an especially important component when it comes to securing users from social engineering attacks that trick them into downloading malicious programs, which is also a problem for any browser, native or otherwise."

Google's new Chrome browser isn't creating a purely virtual Web browser, but it is creating a sandbox approach that is intended to protect users. The sandbox isolates browser processes and limits privileges in order to limit the scope of any potential risk spreading outside of a particular browser tab.

Google admits, however, that the sandbox approach alone isn't enough to protect against all threats.

"Running a browser in an isolated, virtualized environment helps protect the system and local data from some security threats, but there are many security risks -- such as phishing or cross-site scripting-- that aren't addressed," a Google spokesperson said in an e-mail to InternetNews.com.

"Google Chrome's sandbox helps protect you from exploits that may arise from processing untrusted HTML and Javascript (define). Google Chrome does many things to help provide a safer, more enjoyable experience on the Web, and the sandbox is an important part of that."

This article was first published on InternetNews.com.






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.