Review: Trustware BufferZone 3.01

By Joseph Moran | Posted July 31, 2008

Considering the seemingly endless number of potential threats floating around online, you can never have too much protection. Standard security tools like anti-virus or other anti-malware utilities can be quite effective at guarding against a vast array of known threats, but there are plenty of unknown threats out there too ‑ in fact, some threats don’t become “known” until they’ve started claiming victims.  

Trustware’s BufferZone software approaches system protection from a decidedly different angle than conventional security software, and in so doing provides an extra layer of protection against the devil that you don’t know.

BufferZone control panel screen shot
Trustware BufferZone's control panel.
(Click for larger image)
.

Typical security utilities identify threats by looking for telltale signs of an infection that’s been seen before ‑ something like a specific file, Registry modification or pattern of behavior ‑ and then intercepting any attempted modifications before they occur (or undoing them afterward). 

By contrast, BufferZone sets up an entire virtual system with what you might call a “dummy” version of your computer’s configuration (i.e. the Registry and file system), and then automatically redirects the activity of vulnerable (read: Internet-connected) applications to it. Programs and files run normally because they have a normal system configuration to interact with, but since this ersatz configuration is kept isolated from your system’s “real” one, any harmful activity can’t cause permanent damage.

We tested BufferZone on a system running Windows XP; a Vista-compatible version is currently in beta testing and the company expects to release it by the end of the year.

Web Browsing

Once installed, BufferZone makes its presence known via a tray icon, and when we fired up the Web browser, a red border around the application window indicated that it was operating within BufferZone’s virtual configuration. Each time you run a protected application for the first time, there’s a delay of several seconds or so as BufferZone creates configuration settings for the program, but having BufferZone running didn’t noticeably impact overall system performance as we went about our normal computing tasks.

While browsing the Web through BufferZone, anything you do ‑ click a link, download a file, etc. – takes place within the virtual configuration. The same is true for other Net-centric apps like e-mail, IM, or P2P utilities (such as BitTorrent). When we clicked Web links in Outlook Express or Skype, for example, they opened in red-bordered virtual browser windows.

Files and Applications

When you download a file onto a BufferZone-protected system, its icon is overlaid with a BufferZone emblem to indicate that it resides in your virtual system configuration. Open a file with the BufferZone emblem and it opens within the virtual environment. If you determine that a file is OK and you want to let it in the castle walls, a right-click context menu allows you to move the file out of BufferZone.

In similar fashion, you can take any file that already exists on your system or came to be there by some means other than the Internet (say, a removable storage device) and place it into BufferZone before opening it. Through BufferZone’s configuration menu, you can automatically put specific storage devices like the CD/DVD drive, USB flash/hard drives ‑ even network folders ‑ into BufferZone, so any files you access or copy from them are virtualized by default. 

When a file in BufferZone is an application installation file (i.e. a setup wizard), double-clicking it installs the program within your virtual configuration by default. The ability to install software this way is very handy, because it gives you a risk-free opportunity to try out unknown applications as well as a way to avoid the configuration detritus that can often be left behind even after doing an uninstall.

Cleanup on Aisle Five

During the course of our BufferZone testing, we set out looking for bad stuff on the Internet, and we found plenty. It wasn’t long before our browser was laden with visible stuff like pop-ups and questionable toolbars, plus who knows what else lurking unseen below the surface. But then we emptied BufferZone via the program’s control panel, and moments later the junk was nowhere in sight—the virtual configuration had been cleansed.

Herein lies BufferZone’s double-edged sword, because extra security often comes at the expense of convenience, and that’s true to an extent with BufferZone. The program doesn’t distinguish between good and bad changes, so when you empty it, everything gets chucked including any legitimate modifications you may have made. Therefore, if you want to keep using an application you installed inside BufferZone, you need to re-install it outside BufferZone.

While you can create and restore BufferZone snapshot images, they’re all-or-nothing affairs ‑ you can’t choose to keep modification x and jettison y. Similarly, files in BufferZone that you want to keep must be moved out before purging it (though you do have the option to empty BufferZone’s Registry without deleting files).

BufferZone protected browser screen shot
Trustware BufferZone's control panel.
(Click for larger image)
.

Also, because BufferZone sets up what essentially is a non-trusted configuration where infections may or may not be present, you don’t want to do any surfing involving sensitive data (like accessing your bank or shopping online) from within it. BufferZone allows you to add specific URLs to a “Privacy Zone” so visits to those sites don’t commingle with potentially malicious stuff inside the BufferZone.

BufferZone costs $39.99 per system for a one-year subscription (after the subscription period, the software still works but you no longer get program updates. Unfortunately the company doesn't currently offer a non-enterprise three-system pack (most security software vendors do), but the company said it should have one by the end of the year.

Although we didn’t test it, Trustware offers an Enterprise version of BufferZone starting at $49.95 per seat (before volume discounts) that can be deployed and managed via Group Policy.

It takes some time to get familiar with the concept of BufferZone’s virtual configuration, and the application’s control panel could be laid out a bit better, as finding specific settings can take some digging. But once you get the hang of it, Trustware’s BufferZone will give you the peace of mind to let you visit or download an unknown Web site or file secure in the knowledge that your system is protected.

Price: $39.99 ($49.99 per seat for centrally-managed Enterprise version)

Pros: Isolates Internet activity, downloaded files and applications via virtual system configuration; protects against unknown threats and not dependent on regular signature updates

Cons: Does not currently support Vista, doesn’t distinguish between harmful and benign configuration changes, currently no multi-user licensing for non-enterprise version

Joe Moran spent six years as an editor and analyst with Ziff-Davis Publishing and several more as a freelance product reviewer. He's also worked in technology public relations and as a corporate IT manager, and he's currently principal of Neighborhood Techs, a technology service firm in Naples, Fla. He holds several industry certifications, including Microsoft Certified Systems Engineer (MCSE) and Cisco Certified Network Associate (CCNA).

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!


Comment and Contribute


     

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date