John Sequeira


Tuesday, May 02, 2006
Altiris SVS

Q:"Does the SVS virtualization of a Web browser prevent a virus infection?"

A:"If malware launches from a virtualized application, SVS will track that as part of the process tree and capture what it does. When the layer is reset, the malware will be removed from the local hard drive. So SVS does prevent malware from permanently altering the app that launched it."

With whole-system virtualization becoming old hat, where's the excitement in virtualization land? Well, the vendors have to move up with management tools and down with what I'll call "fractional system virtualization". Altiris SVS does the latter for Windows with a file system driver which will 'overlay' the files and registry settings that make up an installable software package. You run your normal installer within SVS, and it serializes the changes for you in a transaction, so that you roll forward or roll back the transaction at any time. You click a button and - POOF the annoying new IM application is uninstalled. POOF it's back. I like it.

There are numerous technologies in *nix that provide related capability (symlinks/UnionFS, Jails), but from what I've read SVS seems like they've done a great job on packaging and ease-of-use.

Oh, did I mention it's free for personal use?

I remember reading that Vista was going to perform similar magic for poorly written Win32 apps that couldn't operate in Least Privelege Mode-- they'd be given a sandbox with access to just the resources required. That was a long time ago, and probably dropped from the roadmap, so I would suspect SVS has a bright future filling in potholes for both legacy and Vista Windows.

I'll write more when I have a chance to play with it.
10:28:48 AM      comment []  trackback []

© Copyright 2006 John Sequeira.
May 2006
Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      
Apr   Jun

Click to see the XML version of this web page.
Click here to send an email to the editor of this weblog.
Yahoo: johnseq2
MSN: [email protected]
AIM: amped02139
Skype: johnjulian

Tea From Upton Tea