/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsA security software for Windows machines that creates two virtual environments, secure and public, thereby preventing security threats from the Internet to affect the enterprise network
The VE2 (actually VE squared) is a fairly interesting
virtualization software for Windows machines in an office, be they desktops or
notebooks. Unlike the usual virtualization environments, which allow you to load
multiple OSs on the same hardware, this one creates two virtual environments in
your existing OS-Public and Secure. The Public environment is unsecure and
used to connect to the Internet, which is an unsecure network. The user browse
the Web or chat in this environment, but can't access the enterprise network.
The secure environment, on the other hand, doesn't allow Internet
connectivity, but lets the user connect to the local network resources. Since
most security threats come in through the Internet nowadays, the software
completely isolates the secure environment from them. This can be a boon for an
enterprise network. While users are given free access to the Internet, the IT
department need not worry about any security threats coming into the main
network.
|
We ran a slew of tests on SecureOL, and the way it works is
quite interesting. Installing it was a breeze. It automatically detected all the
network interfaces and firewall settings on our test notebook. It then scanned
through the entire hard drive's directory structure and on its own decided
which ones to keep in the secure environment and which ones in the public one.
After that, it also let the user add any other directories it had left out to
the secure environment. The machine was ready for action after a system restart.
At first glance, we didn't find anything different about the machine, barring
the 'protected by SecureOL' logo that appeared on the login screen, and the
usual desktop shortcuts and entries it created in Program Files. Both
environments look exactly the same with all the files in their original places.
There was a small icon in the system tray that indicated whether we were in the
secure or public environment. Double clicking on this icon switched the
environments and a big caption saying 'SECURE' or 'PUBLIC' appeared on
the screen for a few seconds. The difference became apparent when we noticed
that the title bar in all the windows we opened had changed colors. In secure
mode, all the bars were red, while in public mode, they were blue. After that of
course, we started finding the differences. New files created in secure
environment have a small red dot on the file names. If you open a file in the
secure environment, and switch to the public one, you won't find the file open
there, indicating that there are indeed two virtual environments running.
/pcq/media/post_attachments/10a2c3a9538b81ef5d54842370957abab7e8812222dfb1cd6b7c3885cea65b7d.jpg) |
| No matter what goes wrong in the public environment, you can always restore it to its original state |
One good thing about this package is that while regular
virtualization software consume a lot of system resources, this one hardly
affected our machine. Switching between environments happens instantly, and
there's hardly any performance degradation while doing any work.
The tests
Our test machine had Win XP Pro running with both Ethernet and WiFi. We had
turned WiFi off during installation. After the installation, we could access
only the local network resources, but couldn't browse or chat on Yahoo IM.
While in public mode, we could do the reverse. It wouldn't let us access the
network resources, but did let us browse and chat. However, we were able to
download mail from our corporate mail server over the Internet in both modes.
It seemed to have created two instances of our mailbox.
Accoring to us, users should not be allowed to access corporate mail from the
public environment since it would add to confusion when some mails land up in
one environment's mailbox while rest in the other. Coming to the security
part, there's nothing much you can do to harm the machine when SecureOL is
running. If you Shift+Delete a file, it comes right back after a folder refresh.
If you send it to the Recycle Bin, it will create another copy of it in the same
folder. The same thing happened when we moved files from one folder to another.
All this happens to the files that existed before SecureOL was installed. Any
fresh files you create after its installation can be moved or deleted. We found
this to happen in both secure as well as public mode. If you do want to move or
delete certain pre-SecureOL files, or install an application that should be
available across both environments, then you have to enter a special update
mode. This requires a system restart, which consumes extra time. In update mode,
SecureOL only provides a single environment. Other than access the Internet, you
don't have much in the public domain. Even a system restart is only possible
from the secure domain. The really good thing about the public environment is
that you can do anything you want in it. You can add files, delete them, make
modifications, etc. None of this is going to harm the system. The moment you
feel that a virus has struck and harmed the system, run a cleanup. It restarts
the system, after which everything is restored back to default settings.
We also tried to connect to the Internet from the secure
environment by connecting a Reliance phone to it. The connectivity software ran
fine and even showed that it was connected to the Internet. However, it didn't
let us browse the Web. The public environment didn't even allow us to connect
at all. There are tons of other features in this software, like the ability to
control the I/O devices that can be used in the public environment. You can
install the software on multiple machines and control them centrally. It'll
let you apply policies, change firewall rules, terminate or run specific
processes remotely, and more.
Bottom Line: Overall, it's a fairly interesting security
concept for enterprises. In order for this software to be deployed
successfully, the organization must update and strengthen its internal
security policies, which is a major challenge as there are organizations that
don't even update their anti-virus definitions regularly.
So even if the s/w is installed, and a malicious program
enters the secure network, it defeats the purpose of setting it up. The good
thing is that you can apply maximum security to the secure environment and leave
the public environment completely unsecured. A lite version is available for
home use also.
Anil Chopra