- Auto-containment rules let you define which applications can run on your computer, and what privileges they are allowed.
- Each rule consists of 3 basic elements:
1. Action – choice of:
- Run Virtually - The application is run inside the container, a highly secure environment which is isolated from the rest of your computer.
- Run Restricted - The application has limited privileges, can access very few operating system resources and can only open 10 processes at a time.
- Block - The application is not allowed to run at all.
- Ignore - The application can run normally without restriction.
2. Target – The types of files covered by the rule.
3. Reputation – The trust rating of the files you selected in 2.
- In other words, the action is applied to target files which have a specific reputation.
- One of the conditions you can set in ‘2. Target’ is files signed by a specific vendor.
- The following example shows how to edit a rule which auto-contains unrecognized files so that it also auto-contains files by a specific vendor.
Set a containment rule for a vendor
- Open Comodo Client Security (CCS)
- Click ‘Settings’ on the CCS home screen
- Click ‘Containment’ > ‘Auto-Containment’ on the left
- Select the ‘Run Virtually’ rule and click ‘Edit’:
- This rule runs all files that have a trust rating of ‘Unrecognized’ in the container.
- We will next make it also contains files from a specific vendor, regardless of reputation.
- Click the ‘Edit’ button in the ‘Criteria’ tab:
- Go to the ‘File Signed by Vendor’ row and click ‘Add’
- Select the vendor from the list and click ‘Ok’.
- Leave the vendor rating under the vendor name as ‘Any’. This will auto-contain all files signed by the vendor, regardless of their trust rating:
- Click ‘OK’ to save your rule.