Massively Secure, Awesomely Fast, Ad-blocked Firefox

Author: No Comments Share:

Firefox for BlogDan Allen is well known to those in the Citrix, VMware and Microsoft EUC communities as a rock-star EUC architect and performance engineer, having implemented some of the world’s largest and most complex TS and VDI deployments.  Dan runs the Bromium field engineering team and has successfully implemented  Bromium  in our largest deployments.    He has recently focused on optimizing the performance of our micro-virtualization support for Firefox, and passed on these insights.  Since he’s elbow-deep in customer deployments, I’ve posted this for him.

Who wants faster Firefox? Everyone!

We know that Ad Blocking can dramatically increase performance and improve user experience, while reducing the overhead on CPU and memory of the browser.  In a Bromium secured environment, many customers use Ad Blocking as a way to further enhance security and improve privacy and their users certainly appreciate the performance improvements that result.  This is particularly important in VDI environments and on endpoints with relatively small memory configs. Ad Blocking also allows customers to optimize the density of their VDI desktops per server, because VMs no longer burn CPU and memory on useless Ads.

Bromium supports Ad Block Plus and other Chrome extensions and in IE we recently adopted an obscure IE configuration called Tracking Protection in the browser which we configure in the IE renderer inside Bromium IE micro-VMs.  So what about Firefox?   With the release of Firefox ESR 45, Mozilla included a feature called Tracking Protection.  This  is nearly 100% identical to IE Tracking Protection, so Ad Blocking is now a native built-in feature of the browser.  Since it is built-in,  we can  trivially configure  it in Bromium micro-VMs.  Below are some test results that show the huge improvement in resource use that results.

Take a look at the screen shot below for the home page of www.welt.de.  You will see that (the tab for) this Firefox micro-VM has been running for 3+ minutes, has committed 175MB of RAM, has a constant sustained CPU usage of almost 30% and I am not even interacting with it!  This is the kind of site that kills  user experience with or without micro-virtualization.

welt1

 

Now look below at the next screen shot and see happens when we enable Tracking Protection for Firefox micro-VMs!  The CPU usage is averaging only 3% instead of 30% and memory usuage is 25% less.

welt2

 

We haven’t yet automated the configuration of Ad Blocking in micro-VMs but it’s easy enough to do on your own:

1) Enable Tracking Protection in Firefox (about:config)
2) Add the tracking protection list files to the vSentry manifest/firefox/profile/safe-browsing directory.

It’s great to have Firefox at parity with IE and Chrome for security, performance and privacy.   Bromium customers using Firefox should reach out to us if they need help to configure these capabilities.

Previous Article

Standardizing on Windows 10: Our Advice for Enhancing Security in Large Deployments

Next Article

Using Intel SGX to Protect On-line Credentials

You may also like