Wednesday, August 20, 2008  
Google
Web pcquest.com

CIOL Network sites

Search by Issue | CD Search | Sitemap | Advanced Search

IBM Rational Software Development Conference 2008-Register Now

   
 Home > Software > Software Reviews

SecureOL VE2 Security Software 

Anil Chopra

Monday, January 23, 2006

A security software for Windows machines that creates two virtual environments, secure and public, thereby preventing security threats from the Internet to affect the enterprise network

The VE2 (actually VE squared) is a fairly interesting virtualization software for Windows machines in an office, be they desktops or notebooks. Unlike the usual virtualization environments, which allow you to load multiple OSs on the same hardware, this one creates two virtual environments in your existing OS-Public and Secure. The Public environment is unsecure and used to connect to the Internet, which is an unsecure network. The user browse the Web or chat in this environment, but can't access the enterprise network. The secure environment, on the other hand, doesn't allow Internet connectivity, but lets the user connect to the local network resources. Since most security threats come in through the Internet nowadays, the software completely isolates the secure environment from them. This can be a boon for an enterprise network. While users are given free access to the Internet, the IT department need not worry about any security threats coming into the main network.

Price: Rs 2,500 per installation
Meant For: Enterprises 
Key Specs: Secure and public virtual environments, control access to I/O devices in public environment, apply strong security policies in secure environment
Pros: Very easy to use, hardly affects system performance, fairly tamper proof
Cons: E-mail client accessible from both environments
Contact: APU Global, Bangalore.
Tel: 9845222411.
Email: chandra@apu-global.com
RQS# E51 or SMS 130151 to 9811800601

We ran a slew of tests on SecureOL, and the way it works is quite interesting. Installing it was a breeze. It automatically detected all the network interfaces and firewall settings on our test notebook. It then scanned through the entire hard drive's directory structure and on its own decided which ones to keep in the secure environment and which ones in the public one. After that, it also let the user add any other directories it had left out to the secure environment. The machine was ready for action after a system restart. At first glance, we didn't find anything different about the machine, barring the 'protected by SecureOL' logo that appeared on the login screen, and the usual desktop shortcuts and entries it created in Program Files. Both environments look exactly the same with all the files in their original places. There was a small icon in the system tray that indicated whether we were in the secure or public environment. Double clicking on this icon switched the environments and a big caption saying 'SECURE' or 'PUBLIC' appeared on the screen for a few seconds. The difference became apparent when we noticed that the title bar in all the windows we opened had changed colors. In secure mode, all the bars were red, while in public mode, they were blue. After that of course, we started finding the differences. New files created in secure environment have a small red dot on the file names. If you open a file in the secure environment, and switch to the public one, you won't find the file open there, indicating that there are indeed two virtual environments running. 

   
No matter what goes wrong in the public environment, you can always restore it to its original state

One good thing about this package is that while regular virtualization software consume a lot of system resources, this one hardly affected our machine. Switching between environments happens instantly, and there's hardly any performance degradation while doing any work.

The tests
Our test machine had Win XP Pro running with both Ethernet and WiFi. We had turned WiFi off during installation. After the installation, we could access only the local network resources, but couldn't browse or chat on Yahoo IM. While in public mode, we could do the reverse. It wouldn't let us access the network resources, but did let us browse and chat. However, we were able to download mail from our corporate mail server over the Internet in both modes.

It seemed to have created two instances of our mailbox. Accoring to us, users should not be allowed to access corporate mail from the public environment since it would add to confusion when some mails land up in one environment's mailbox while rest in the other. Coming to the security part, there's nothing much you can do to harm the machine when SecureOL is running. If you Shift+Delete a file, it comes right back after a folder refresh. If you send it to the Recycle Bin, it will create another copy of it in the same folder. The same thing happened when we moved files from one folder to another. All this happens to the files that existed before SecureOL was installed. Any fresh files you create after its installation can be moved or deleted. We found this to happen in both secure as well as public mode. If you do want to move or delete certain pre-SecureOL files, or install an application that should be available across both environments, then you have to enter a special update mode. This requires a system restart, which consumes extra time. In update mode, SecureOL only provides a single environment. Other than access the Internet, you don't have much in the public domain. Even a system restart is only possible from the secure domain. The really good thing about the public environment is that you can do anything you want in it. You can add files, delete them, make modifications, etc. None of this is going to harm the system. The moment you feel that a virus has struck and harmed the system, run a cleanup. It restarts the system, after which everything is restored back to default settings.

We also tried to connect to the Internet from the secure environment by connecting a Reliance phone to it. The connectivity software ran fine and even showed that it was connected to the Internet. However, it didn't let us browse the Web. The public environment didn't even allow us to connect at all. There are tons of other features in this software, like the ability to control the I/O devices that can be used in the public environment. You can install the software on multiple machines and control them centrally. It'll let you apply policies, change firewall rules, terminate or run specific processes remotely, and more.

Bottom Line: Overall, it's a fairly interesting security concept for enterprises. In order for this software to be deployed  successfully, the organization must update and strengthen its internal security policies, which is a major challenge as there are organizations that don't even update their anti-virus definitions regularly.

So even if the s/w is installed, and a malicious program enters the secure network, it defeats the purpose of setting it up. The good thing is that you can apply maximum security to the secure environment and leave the public environment completely unsecured. A lite version is available for home use also.

Anil Chopra

Page(s)   1  



Untitled 1


Do you know your Linux is SAP ready?
   
 


 
 

Magazine Subscription | RQS | Contact Us | Team PCQuest

 
 
 
 
   

Copyright © CyberMedia. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.
Broken links? Problems with site? Send email to webmasterciol@cybermedia.co.in