- Split-brain DNS deployment using Windows Server DNS policy - Wed, Nov 30 2022
- Veeam Backup for Microsoft 365—Why you need to back up your M365 data - Tue, Nov 15 2022
- Cloud-based patch management with Action1 - Tue, Nov 8 2022
Hysolate takes the security activities run manually with a VM running in Hyper-V or VMware Workstation and adds a management and orchestration layer on top of this to create an enhanced user experience for isolating user activities for security purposes. What are the use cases for using Hysolate?
- Isolate risky activities—This includes isolated malware and other malicious content, improving employee productivity, and empowering developers with an effective sandbox environment for testing and development activities.
- Isolate sensitive activities—This use case may include access to privileged or sensitive corporate systems, isolating contractors' remote access, or extending zero-trust to the endpoint.
The types of activities and security that can be implemented with Hysolate include:
- Redirecting files, documents, and other file-related activities to the Hysolate Workspace
- Redirecting risky websites, categories, specific websites, and other web resources into the Hysolate Workspace to make sure they are opened in a secure environment without affecting the host machine
- Install third-party applications without the risks associated with installing them on the host workstation with corporate data
- Use the Hysolate Workspace environment to access external devices, including USB storage
- Keep personal and corporate data separated, which fits well with BYOD initiatives
I have personally used a browsing VM for security purposes. It becomes a headache to copy files back and forth and open links back and forth between a host workstation and guest virtual machines running in either Hyper-V or VMware Workstation. The Hysolate use cases mentioned above, along with ease of use for the end user, are the solution's power. The Hysolate free version, which is the version I am testing in this review of features, has quite a few nice features. What features do you get with the Hysolate Free vs. Enterprise Edition?
As you can see below, with the free version, you still have access to VM-based isolation, instant deployment, automatic redirection for docs, apps, websites, and USB, as well as isolating risky activities. As expected, the more robust management features and security policies are available only with the enterprise edition of Hysolate.
Let's see how to get up and running with Hysolate on a Windows 10 Pro workstation and see if Hysolate can make this process more streamlined from an end-user perspective and if the security benefits follow suit.
Where can you run Hysolate Workspace? ^
There is one system requirement that your system must meet. Hysolate requires you to have 8 GB of memory before you can use Workspace. The error message below was captured in a Windows 10 Pro virtual machine that I had configured with only 4 GB of memory from a VMware vSphere template. As a side note, even though the video driver was shown as unsupported, I had no issues using the Hysolate solution inside a VM.
Installing Hysolate ^
The process of getting up and running with Hysolate is extremely easy. Hysolate has done a great job of ensuring that the installation process is easy and seamless. For this review of features, I signed up for the Hysolate free offering. After you receive the Hysolate email, log in with the temporary password provided, and download the Hysolate installation.
Now, you need to reboot your host workstation to initialize the Hysolate Workspace and access the secure Workspace environment.
Using Hysolate Workspace ^
Once your computer reboots, a tour of the product features in the screen's lower right corner above the system tray will be displayed. Hysolate will prepare the Workspace for you. For me, this just took a couple of minutes. To access the desktop of the Hysolate Workspace, Hysolate has a preconfigured hotkey. Use the Windows key + Alt + right/left arrow.
As you can see below, this is the normal Windows 10 desktop display.
After pressing Windows key + Alt + Right/Left arrow, you will see the desktop quickly scroll over to the Hysolate Workspace. As you can see, the desktop has a default red background, and the apps and icons are different from your host.
As you recall, when you install Hysolate, it installs a browser plugin that provides orchestration between your host and your Hysolate Workspace VM. The great thing about the plugin is that you can customize website categories that automatically forward to the Workspace. By default, it forwards the following types of items to the Hysolate Workspace browser:
- High Risk—Phishing, hacking, malicious websites, etc.
- Medium Risk—Gambling, adult, illegal content, etc.
- Uncategorized—Unknown or unclassified websites
When any browsed websites match these categories, Hysolate automatically forwards the browser session to the Hysolate Workspace. The Hysolate browser plugin categories are customizable. You can configure which website categories open in the Hysolate Workspace environment.
This functionality moves the risk from the host into the Hysolate Workspace session.
What about questionable files that you may not want to open on your host workstation? Hysolate makes this easy as well. When you right-click a file, there are a couple of options added to the context menu:
- Copy to Workspace
- Open in Workspace
After clicking the Open in Workspace option, you will see the Workspace environment open, and the file is executed there instead of the host.
Impressions and final thoughts on Hysolate ^
As mentioned earlier, using a secondary VM as an insecure browser machine and for other purposes, such as opening questionable files, is a recommended best practice among many security professionals. However, this approach often fails to get traction. It is cumbersome and lacks the end-user experience that most users require in fully adopting a solution that does not impede productivity.
Hysolate free edition provides a seamless solution that delivers on its promise to make using a secondary environment for security easy, seamless, and with little impact on productivity. If you are looking for a seamless way to leverage a second environment for security, development, sandboxing, or general-purpose insecure browsing, Hysolate is a solution to take for a spin.
Subscribe to 4sysops newsletter!
Learn more about Hysolate, and download the free edition here.