An often-discussed technique for protecting systems from Internet-based malware is the concept of a sandbox. In the sandbox model, Web-based applications run in a protected shell that prevents them from accessing operating system resources and from adding programs or making changes to the host system. While it isnt a perfect solution, it does go a long way toward improving Internet security.
This security model has been in use for years, with Java using a form of it, as well as other Internet programs, but it hasnt shown up too much in the most obvious area, namely Web browsers. Today probably the biggest implementation of a sandbox-style security model is the protected mode Internet Explorer 7 runs under in Vista.
Attempting to fill this gap is a new product from ZoneAlarm called ForceField, which recently went into beta. ZoneAlarm ForceField currently works on Windows XP systems running Internet Explorer or Firefox. When installed it adds several layers of security to a Web browsing session, including what ZoneAlarm calls virtual surfing, which adds a virtualization layer to seal the Web browser (and any scripts or malware that might try to run in it) off from the Windows operating system.
In tests of the beta I found it to be fairly unobtrusive, especially compared with other browser-based security tools Ive tested. It also didnt appear to add too much overhead to my browsing session, even on one test machine whose hardware is far from state of the art. When the system is activated the browser windows have a shield-like aura around them.
Click here to read the entire review Set Shields to Web Protection