If viruses and malware are a regular problem for you, or if you're simply worried that your antivirus program isn't sufficient, you can add an extra layer of defense to your PC by setting up a sandboxing application. A properly sandboxed set of Windows programs can protect you from malware that your antivirus utilities miss, keeping your PC and your personal data more secure while you're shopping online, say, or visiting potentially dicey Web sites.
Sandboxing is a form of software virtualization that lets programs and processes run in its isolated virtual environment. Typically, programs running within the sandbox have limited access to your files and system, and they can make no permanent changes. That means that whatever happens in the sandbox stays in the sandbox.
You can find programs dedicated to sandboxing, but some antivirus programs also feature sandboxing; I'll explore both in this article. The exact sandboxing functionality varies between programs, but here are some of the common uses:
- Automatically or manually run unknown programs in the sandbox in case they contain viruses, spyware, or other malware.
- Run your Web browser within the sandbox to prevent damage from any infections you pick up while browsing, which is the most common origin of malware.
- Run your browser within the sandbox to stop any existing malware on your computer from capturing your site login credentials or your online-shopping payment details.
Most sandboxing tools, such as the ones I'll discuss here, can run programs inside the sandbox right alongside your other programs in Windows. Generally speaking, programs running inside the sandbox will appear normal. But some tools load a separate environment, and have a different look and feel--and they may even require you to reboot the PC when you exit the sandbox.
Sandboxing in Comodo Internet Security
Comodo Internet Security is a free security suite for both personal and business use. In addition to antivirus and firewall components, it features automatic and manual sandboxing.
CIS automatically detects untrusted executable files and programs, and runs them in the virtual environment. You can also manually run any program within the sandbox; simply select a program to run via the main CIS application window (under the Defense+ tab).
Alternatively, you can right-click a program anywhere in Windows and select Run in COMODO Sandbox. However, the option doesn't appear when you right-click a shortcut icon; you must right-click the actual executable program file, which can be a pain.
The sandboxing functionality in CIS is best for automatic protection, or for the occasional manual running of suspicious downloads. If you'd like sandboxing for Web browsing, consider another utility such as Avast or Sandboxie, both of which I'll discuss on the next page.