Serious Security is Easy: 10 Misconceptions about Virtualization Based Security

Author: No Comments Share:
  • Myth: Micro-virtualization makes daily user tasks difficult and does not block malicious activity.
  • Fact: End users can effortlessly carry on with their day-to-day tasks as usual, including opening and using files sourced from the internet.
  • Fact: All malware activity is contained, recorded, analyzed for network detection, and then destroyed – all without remediation. Let us show you how to save time, resources and more importantly – your network!

Last month, Microsoft released WDAG for its Edge browser, which takes advantage of virtualization-based security to hardware-isolate Edge using micro-virtualization. This is a good indicator of how the security industry is shifting to address ever increasing cybercrime.

Learn More: Bromium Overview

Let’s face it – there will always be vulnerabilities that cybercriminals can take advantage of, and you simply cannot anticipate an adversary’s every move. Clearly, prevention techniques have proven that they are inefficient and plain do not work – we must find a better way. Gartner validates that “Micro-virtualization is a great model. It’s the way forward.”

The impact on end-users is based on how you implement.

As the cyber security industry pioneers of micro-virtualization, we are often asked about the end user impact on day-to-day tasks. The answer to this question is, it depends on the how the micro-virtualization is implemented. Let me illustrate with an example and then address some common questions we hear.

Some browser-only/browser-specific micro-VM implementations discard credentials and cookies for the respective website when the browser is closed – making the user experience less optimal when the end user visits that site again. Bromium, on the other hand, seamlessly hardware-isolates execution of each user task that accesses the web, whether from multiple browsers, attachments, documents or files, into micro-VMs.

You may hear micro-VMs also referred to as hardware-enforced containers. It doesn’t matter if an end user opens a malicious word document, or visits website serving malware, or opens a malicious email attachment. We isolate the document in a hardware-enforced container protecting the endpoint from any infection. The malware has nowhere to go, and when the application or task is closed the malware is destroyed while retaining useful credentials and cookies for future visits.

Answers to key questions that will help you understand the value of VBS.

Here’s a list of the top 10 questions we are often asked about the end user experience when using the Bromium Virtualization Based Security Platform.

  1. Can I print from a website or file inside of a Bromium micro-VM?

Yes, even though malware cannot escape from the hardware-enforced isolation we provide, you can still print to a physical printer or PDF.

  1. Can I copy and paste to/from within a micro-VM?

Yes, copy and paste works, but the admin can optionally decide how this works. For example, you can control which websites can/cannot use the clipboard and even what formats can be used.

  1. Can I upload and download from the Internet?

Yes, and safely! Uploads and downloads work as normal for the user; but with an invisible secure process under the covers. Admins can optionally control which websites allow/disallow uploads/downloads via website filtering.

  1. Can I store website credentials for easy logon to my favorite sites?

Yes, and securely. Even though each browser tab opens in its own micro-VM, Bromium provides a unified cookie store, password store, and allows for single sign on, and smart card pass-through.

  1. Can I edit and save files opened in a micro-VM?

Yes, end users can edit any file in a micro-VM as they would normally and seamlessly save it in the normal way.

  1. Do I have the option of choosing which Apps to isolate with Bromium?

Yes, Bromium allows you turn on hardware-isolated browsers, office docs, pdf, USB, network shares, email attachments and more.

  1. Do roaming users need updates or to be online for be protected from malware?

Not at all. Bromium protects the device even if you can’t reach it to patch it. It will protect itself and report back the next time it connects.

  1. Do all of my PCs need to be identical to run Bromium?

Not at all. When the software installs, it intelligently builds micro-VMs based on the PC it is running on. If the PC or server does not support virtualization, only the host monitoring capability is installed to include that PC as part of the Sensor Network.

  1. Are there any known compatibility issues with Bromium and other security applications running on the same system?

No, Bromium runs alongside other security applications without impacting them.

  1. What happens if malware detonates inside the micro-VM?

Nothing, the endpoint is completely protected from the malware. It lets the malware run inside the hardware-enforced container so that we fully map the entire kill chain. The Sensor Network then uses this information to automatically search the network for any other instances of the malware. When the end user closes the application, the micro-VM and malware are destroyed. Watch this video to discover why you no longer need to worry about the latest attack or the impact of Crypto-malware again.

Bromium has launched over a billion micro-VMs without a single customer reported breach. We would love to hear from you to address any questions you may have about VBS and how you can easily deploy Bromium into your environment so you don’t have to worry about the impact of malware anymore.

For more Frequently Asked Questions and to learn more about how easy it is to use the Bromium Platform, visit our Support Knowledge Base.

Previous Article

Elections, Cybersecurity and Human Nature – Why This Matters to Corporate Security

Next Article

Thoughts on the recent “NtSetWindowLongPtr” vulnerability

You may also like

Leave a Reply

Your email address will not be published. Required fields are marked *