Application Virtualization as a Virus Remedy
Posted on Fri, May 21, 2010 @ 02:19 PM
Application virtualization in and of itself is not very exciting, but its benefits are, particularly its ability to reduce malicious software installation and virus infiltration.
You heard it right! Application virtualization can greatly reduce the number of viruses in your environment. How does it do this? All application virtualization platforms run in user mode (non-privileged mode).
To understand user mode, you must first know what admin mode is and how it works. In admin mode, a user, and all processes spawned by that user, have both read and write access to all areas of the file system and registry. In short, they are running with administrator rights. Why would an end user be running in this mode? Many applications were written in such a way that they require read and write access to these critical system locations.
The problem is that those critical system locations are also where viruses like to live.
By contrast, when a user is running in user mode, they only have read access to those critical system locations. The read-only access is what keeps viruses at bay: no process started by the user (intentionally or not) can write to those critical system locations. This read-only access is not bulletproof, but it will stop the vast majority of viruses and malicious software from infesting your computers.
Given the points above, application virtualization allows you to create a more secure environment by closing most of the doors used by viruses and other malicious software.
The way application virtualization accomplishes this is by giving the virtualized application a virtual registry (i.e. system and application settings) and file system (i.e. files and folders) that run in isolation. By providing this isolated "sandbox," the application can do what it needs and never affect the real registry and file system.
The exact details of how this is done vary from vendor to vendor, but this "sandboxing" is a critical part of any application virtualization solution. It is that isolation that gives the user the ability to run an application in user mode even though it may require access to the critical system locations.
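The isolation described above can be modelled as a copy-on-write overlay: reads fall through to the real files, while writes land in a private per-application directory. This is an added example, not any vendor's implementation; the `SandboxOverlay` class, the `system/settings.ini` path and the file contents are hypothetical, and it models only the file-system half, with the application calling the overlay explicitly.

```python
import tempfile
from pathlib import Path


class SandboxOverlay:
    """Toy copy-on-write view: reads fall through to the real tree,
    writes are redirected to a per-application sandbox directory."""

    def __init__(self, real_root, sandbox_root):
        self.real = Path(real_root).resolve()
        self.sandbox = Path(sandbox_root).resolve()

    def _map(self, root, virtual_path):
        # Reject paths that would escape the layer (e.g. "../../etc").
        target = (root / virtual_path.lstrip("/\\")).resolve()
        if root != target and root not in target.parents:
            raise PermissionError(f"path escapes sandbox: {virtual_path}")
        return target

    def read(self, virtual_path):
        private = self._map(self.sandbox, virtual_path)
        if private.exists():            # the app sees its own modified copy
            return private.read_text()
        return self._map(self.real, virtual_path).read_text()

    def write(self, virtual_path, data):
        private = self._map(self.sandbox, virtual_path)
        private.parent.mkdir(parents=True, exist_ok=True)
        private.write_text(data)        # the real tree is never touched


def demo():
    with tempfile.TemporaryDirectory() as real, tempfile.TemporaryDirectory() as box:
        # Constructed stand-in for a critical system file.
        system_file = Path(real) / "system" / "settings.ini"
        system_file.parent.mkdir()
        system_file.write_text("mode=original")

        view = SandboxOverlay(real, box)
        before = view.read("system/settings.ini")
        view.write("system/settings.ini", "mode=changed-by-app")
        after = view.read("system/settings.ini")
        return before, after, system_file.read_text()


if __name__ == "__main__":
    print(demo())
```

The application sees its own change on the next read, while the file in the real tree keeps its original contents.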
How has application virtualization improved your environment?
Jason Dell is a Converged Network Solution Consultant at MCPc, and is responsible for developing and programming custom solutions for clients. His expertise includes network security and security for mobile devices in the enterprise. Connect with Jason on LinkedIn.