Containment: advises to sandbox virtually an internet browser ?

Hi, need: we would like to sandbox firefoxportable.exe software that we deploy to allow users to navigate on personal sites or non professional sites, we would like that the software have almost zero access to computer files (except the ones he need to use), or to make it runing in a virtual machine. An “exhange folder” between user professional environement and this browser, allowed for documents exchange would be a plus (for example il “my documents / personal”… I created a category of files with *\firefoxportable.exe in it, created a specific rule in containment policies to run virtually this category… now don’t know if its really working and how to do more :slight_smile: thank you !

Hello ! No one have any idea on that ?

Hi @rbo,

Sorry for the delayed response. Please create a containment rule for this executable “firefoxportable.exe” with action Run virtually.
Virtualized applications have read access to the filesystem, but write access can be possible to the virtual environment only. so that no harm can happen.

And as you asked you need an “exchange folder” where you can read/write the file. please enable this option “Do not virtualize access to the specified files/folders”
and add the Files/Folders you want to give under “Manage Exclusions”

Please check this help guide for more information

Kind Regards,