Symantec is turning to virtualization and cloud computing to protect Web surfers and let them access Web-based applications from one site.
The company demonstrated the technologies, along with another one designed to block malware from getting into corporate networks, to reporters and briefed them on its research and development strategy at an event it dubbed “Innovation Showcase” on Wednesday.
Virtualization technology that essentially creates different machines on the same computer offers a good platform for securing PCs by providing different protected environments, said Joe Pasqua, vice president of research at Symantec Research Labs.
Taking advantage of this trend, the company has developed Virtualization-based endpoint security, VIBES, technology that works with machines already running virtualization hardware and software to isolate three different areas on a computer for doing activities that require different levels of security.
The VIBES prototype protects Web surfers from downloading malware and having sensitive data stolen, all behind the scenes. For instance, when a user wants to open or execute files downloaded from the Internet the system copies the file to a “Playground” virtual machine and executes it there. Any viruses or other malware that might get downloaded stay within that one area and are unable to infect the rest of the computer, said Pasqua.
When a user accesses a Web site using https, the protocol for encrypting sensitive data transactions, the VIBES system moves the operation to a Trusted Virtual Machine that provides a higher level of security. All other activities are carried out in a mode that offers the level of security offered by the antivirus and other security software installed on the computer. The isolating of the activities is all invisible to the end user.
The VIBES technology is based on Linux/VMWare Workstation and is being developed by the Symantec Research Labs Core Research group. Pasqua said he could not speculate on when it might end up as a product.
Symantec also showed off a service called GoEverywhere, an online workspace for accessing Web applications from any Internet-connected device. GoEverywhere, a project that will be in beta testing in a week or two, is designed as a subscription-based hosted service that offers a secure entry point with single sign on to any application on the Web, said Don Kleinschnitz, vice president and general manager of GoEverywhere.