It has long been the best practice to use a separate desktop environment to perform risky activities, such as Internet browsing, opening files from the Internet, or performing other sensitive activities. While, in theory, VMs provide an excellent answer for this use case, they can be cumbersome and challenging to manage in practice. Hysolate is a solution that effectively streamlines the use of a separate VM environment for risky activities.

Hysolate takes the security activities run manually with a VM running in Hyper-V or VMware Workstation and adds a management and orchestration layer on top of this to create an enhanced user experience for isolating user activities for security purposes. What are the use cases for using Hysolate?

  • Isolate risky activities—This includes isolated malware and other malicious content, improving employee productivity, and empowering developers with an effective sandbox environment for testing and development activities.
  • Isolate sensitive activities—This use case may include access to privileged or sensitive corporate systems, isolating contractors' remote access, or extending zero-trust to the endpoint.

The types of activities and security that can be implemented with Hysolate include:

  • Redirecting files, documents, and other file-related activities to the Hysolate Workspace
  • Redirecting risky websites, categories, specific websites, and other web resources into the Hysolate Workspace to make sure they are opened in a secure environment without affecting the host machine
  • Install third-party applications without the risks associated with installing them on the host workstation with corporate data
  • Use the Hysolate Workspace environment to access external devices, including USB storage
  • Keep personal and corporate data separated, which fits well with BYOD initiatives

I have personally used a browsing VM for security purposes. It becomes a headache to copy files back and forth and open links back and forth between a host workstation and guest virtual machines running in either Hyper-V or VMware Workstation. The Hysolate use cases mentioned above, along with ease of use for the end user, are the solution's power. The Hysolate free version, which is the version I am testing in this review of features, has quite a few nice features. What features do you get with the Hysolate Free vs. Enterprise Edition?

As you can see below, with the free version, you still have access to VM-based isolation, instant deployment, automatic redirection for docs, apps, websites, and USB, as well as isolating risky activities. As expected, the more robust management features and security policies are available only with the enterprise edition of Hysolate.

Comparing the features of Hysolate Free vs. Hysolate Enterprise

Comparing the features of Hysolate Free vs. Hysolate Enterprise

Let's see how to get up and running with Hysolate on a Windows 10 Pro workstation and see if Hysolate can make this process more streamlined from an end-user perspective and if the security benefits follow suit.

Where can you run Hysolate Workspace? ^

There is one system requirement that your system must meet. Hysolate requires you to have 8 GB of memory before you can use Workspace. The error message below was captured in a Windows 10 Pro virtual machine that I had configured with only 4 GB of memory from a VMware vSphere template. As a side note, even though the video driver was shown as unsupported, I had no issues using the Hysolate solution inside a VM.

System resource requirement error using Hysolate Workspace

System resource requirement error using Hysolate Workspace

Installing Hysolate ^

The process of getting up and running with Hysolate is extremely easy. Hysolate has done a great job of ensuring that the installation process is easy and seamless. For this review of features, I signed up for the Hysolate free offering. After you receive the Hysolate email, log in with the temporary password provided, and download the Hysolate installation.

Installing Hysolate in Windows 10

Installing Hysolate in Windows 10

Sign in to Hysolate free version

Sign in to Hysolate free version

Successfully signed into Hysolate and prompted to install the browser plugin

Successfully signed into Hysolate and prompted to install the browser plugin

Hysolate begins preparing the Workspace environment and prompts for a restart of your workstation

Hysolate begins preparing the Workspace environment and prompts for a restart of your workstation

Now, you need to reboot your host workstation to initialize the Hysolate Workspace and access the secure Workspace environment.

Using Hysolate Workspace ^

Once your computer reboots, a tour of the product features in the screen's lower right corner above the system tray will be displayed. Hysolate will prepare the Workspace for you. For me, this just took a couple of minutes. To access the desktop of the Hysolate Workspace, Hysolate has a preconfigured hotkey. Use the Windows key + Alt + right/left arrow.

As you can see below, this is the normal Windows 10 desktop display.

The normal Windows 10 desktop outside of the Hysolate environment

The normal Windows 10 desktop outside of the Hysolate environment

After pressing Windows key + Alt + Right/Left arrow, you will see the desktop quickly scroll over to the Hysolate Workspace. As you can see, the desktop has a default red background, and the apps and icons are different from your host.

The Hysolate desktop displayed after entering the Hysolate hotkey combination

The Hysolate desktop displayed after entering the Hysolate hotkey combination

As you recall, when you install Hysolate, it installs a browser plugin that provides orchestration between your host and your Hysolate Workspace VM. The great thing about the plugin is that you can customize website categories that automatically forward to the Workspace. By default, it forwards the following types of items to the Hysolate Workspace browser:

  • High Risk—Phishing, hacking, malicious websites, etc.
  • Medium Risk—Gambling, adult, illegal content, etc.
  • Uncategorized—Unknown or unclassified websites

When any browsed websites match these categories, Hysolate automatically forwards the browser session to the Hysolate Workspace. The Hysolate browser plugin categories are customizable. You can configure which website categories open in the Hysolate Workspace environment.

Hysolate browser plugin settings configured by default

Hysolate browser plugin settings configured by default

This functionality moves the risk from the host into the Hysolate Workspace session.

Site categorized as hacking is forwarded to the secure Hysolate Workspace VM

Site categorized as hacking is forwarded to the secure Hysolate Workspace VM

What about questionable files that you may not want to open on your host workstation? Hysolate makes this easy as well. When you right-click a file, there are a couple of options added to the context menu:

  • Copy to Workspace
  • Open in Workspace
Opening a questionable file in Hysolate workspace

Opening a questionable file in Hysolate workspace

After clicking the Open in Workspace option, you will see the Workspace environment open, and the file is executed there instead of the host.

Questionable file is moved over to the Hysolate Workspace environment

Questionable file is moved over to the Hysolate Workspace environment

Impressions and final thoughts on Hysolate ^

As mentioned earlier, using a secondary VM as an insecure browser machine and for other purposes, such as opening questionable files, is a recommended best practice among many security professionals. However, this approach often fails to get traction. It is cumbersome and lacks the end-user experience that most users require in fully adopting a solution that does not impede productivity.

Hysolate free edition provides a seamless solution that delivers on its promise to make using a secondary environment for security easy, seamless, and with little impact on productivity. If you are looking for a seamless way to leverage a second environment for security, development, sandboxing, or general-purpose insecure browsing, Hysolate is a solution to take for a spin.

Subscribe to 4sysops newsletter!

Learn more about Hysolate, and download the free edition here.

+2
avatar
0 Comments

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2021

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account