Dell releases virtualization-based secure browsing

“Viruses, malware, and trojans” — if this were the $25,000 Pyramid game show (I could be showing my age here), a contestant might reply with something like, “These are bad things that can infect a PC while surfing the Internet.” And they’d be right.

There are many endpoint security solutions on the market that focus on detection and clean up of these types of security breaches. But Dell is taking a different approach to security by looking to proactively contain these types of threats before they ever become a problem.

[ Also on InfoWorld: David Marshall asks whether this the end of the road for VMware’s free hosted virtualization platform, VMware Server? | And speaking of VMware, whatever happened to the five people who started VMware more than a decade ago? | Make sure to keep up with all the latest virtualization news with InfoWorld’s virtualization newsletter. ]

Back in February, Dell announced it was expanding its systems management offerings with innovative solutions that would provide customers with simple-to-use tools and comprehensive control for their daily operations. This expansion would be aided by its acquisition of Kace, a systems management appliance company that provided solutions for endpoint security, device discovery, system inventory, asset management, and even an application virtualization offering.

Dell Kace has applied that application virtualization technology to Mozilla Firefox and is offering corporations what it claims is a more secure form of Internet browsing.

The new Dell Kace Secure Browser technology provides users with a virtual instance of an Internet browser application. By running the browser in a virtual instance, or sandbox environment, the application and any activity resulting from its use are separated from the endpoint, keeping the actual computer and operating system free of any hostile changes that could occur.

With the Dell Kace Secure Browser, you can:

• use a virtualized and contained Firefox v3.6 browser with Adobe Reader and Flash plug-in;
• rapidly reset any changes made during normal use back to their initial state, enabling easy recovery from infections or attacks;
• view statistics related to the number of processes detected and blocked; and
• set white and black lists to limit access to known good sites, or prevent access to known bad sites to further limit the risk of attack and infection.

For as long as application virtualization has been around (and for what little media coverage or general discussion this technology gets), security through isolation still remains one of its best-use cases.

While extremely useful, virtualizing the browser experience itself is nothing new. In fact, back in 2005 VMware first announced a preconfigured virtual machine dubbed the Browser Appliance, which offered a safe browsing experience using — you guessed it — Mozilla Firefox. The Firefox browser was installed and configured in a VM that was then powered by the free VMware Player.

Dell competitor Hewlett-Packard also announced something that sounds very familiar to the Dell Kace Secure Browser back in 2008, when Symantec and HP joined together and spoke about HP preinstalling a Symantec SVS (now called Workspace Virtualization) wrapped Firefox browser dubbed Mozilla Firefox for HP Virtual Solutions. As with the Dell announcement, HP described an application virtualization layer secured browser experience that would keep a PC clean from malicious attacks and could easily be brought back to a known clean state by simply clicking a button.

At the Symantec ManageFusion 2008 trade show, I saw firsthand how this type of technology could be used as HP and Symantec teamed up to secure the browser environment on HP workstations that were made available to the public in the event lounge and throughout the show. After each attendee finished his or her browsing session, the Firefox instance would automatically reset itself back to a clean, pristine state for the next user. Nothing bad was left behind, and there was no trace of the previous user’s Internet experience.

Other companies have also attacked this browser security issue: Trustware with its BufferZone solution, stealth startup GreenBorder (acquired by Google before they could ever make a splash in the market), and Check Point with its ZoneAlarm ForceField product.

But while other companies have all offered some form of virtualization isolation layer to help protect end-users from malicious attacks, the Dell Kace Secure Browser goes one step further by offering an integration point with the Dell Kace K1000 management appliance, which provides the enterprise with the ability to remotely watch and control Firefox instances to ensure they remain in a safe state. With its Dell Kace K1000 Management Appliance, the Secure Browser can be centrally deployed and managed, provide current status, insightful statistics, and the ability to remotely reset any Secure Browser running throughout the organization.

“Internet browsing is one of the number one sources for malware,” said Rob Meinhardt, co-founder and president of Dell Kace. “With the Dell Kace Secure Browser, we stop malware at its source and trap it, and even provide granular control over browser activity.”

There are a few shortcomings, however. Because of the additional virtualization environment, the Dell Kace Secure Browser is a heavier download than the classic version of Firefox. And it may also run a bit slower because of the additional layer. The Secure Browser currently supports Microsoft Windows 7, Vista, and XP, but only the 32-bit versions; 64-bit systems are not yet supported. It is also unclear just how much work will be involved with upgrading Firefox going forward, or whether all Firefox add-ons will work as intended.

A company spokesperson said Dell was also working on the Internet Explorer 7 version of the browser, so stay tuned for that.

What do you think? Will Dell start shipping all of its new machines with this free virtualized version of Firefox? Or would that prove too difficult without some sort of education for those folks who aren’t yet familiar with virtualization or what this sandbox environment means to their normal browsing expectations?

If you are ready to give it a try, you can download the secure browser for free and find out more information on Kace.com.

This story, “Dell releases virtualization-based secure browsing,” was originally published at InfoWorld.com. Follow the latest developments in virtualization and cloud computing at InfoWorld.com.