Check Point puts ForceField around browsers

Online security firm Check Point has unveiled a public beta of ZoneAlarm ForceField, a virtualised security platform designed to protect surfers from web-based threats.

Check Point claimed that the new product has been built from the ground-up specifically to fight the emerging classes of browser-based web threats.

ZoneAlarm ForceField also erases all personal information after a web browsing session to protect consumer privacy online.

Features include browser virtualisation, anti-phishing technology, ZoneAlarm's Spy Site Blocker and additional download defences.

"ZoneAlarm ForceField defends against the escalating wave of malicious and privacy-infringing web threats," said Laura Yecies, vice president and general manager of Check Point's ZoneAlarm consumer division.

"We use precision virtualisation technologies and powerful data security principles to secure web surfers in a two-way 'bubble of security', uniquely protecting them from web threats as well as spyware or key-loggers that may already reside on a PC."

The program creates a virtual 'sandbox' in which the browser effectively runs separately from the rest of the operating system.

This means that anything that happens without the user's consent during a browsing session is immediately discarded when the session is closed.

ForceField also works in the opposite direction by preventing key-loggers, screen-grabbers or other malware from seeing what the user is doing inside the virtual session.

A Check Point spokesman admitted to vnunet.com that this functionality would also block key-logging and some other features in parental control programs, but that the company would correct this problem before the final release.

He added that this would not affect the site-blocking functionality of any web filtering programs.

ForceField is currently available only to PC users running Windows XP or Vista and using Internet Explorer or Firefox.

Security experts have welcomed the new product, suggesting that it will help to block a growing hole in consumer security.

"Utilising web browsers as a new primary attack vector, hackers and crackers are now heavily focused on stealing personal information for financial gain," said Charles Kolodgy, a research director at analyst firm IDC.

"The result is a proliferation of web threats, such as phishing, drive-by downloads and key-loggers, that pose enormous risks to personal privacy and invoke fears among consumers that have begun significantly to alter their online behaviour."

ForceField also checks every site visited against an online database to determine whether it is suspicious, and warns users of dangerous sites. It also scans all downloaded files to check for potentially harmful software.

The software offers a full privacy mode which permits users to surf anywhere and type anything without leaving a single trace on the computer.

An 'Instant ForceField' feature gives users temporary use of the platform on borrowed computers at kiosks, shared PCs and other public places.

The final version is expected to be available in early 2008 and will sell for US$29.95. Users who wish to try out the beta beforehand can download it directly from the ZoneAlarm ForceField website.