P.S: hardened policy @ locked down blocks a lot of stuff.hjlbx
While you can add those processes to User Space in AppGuard, that means they will always be blocked - with no way for the user to Allow - unless you go to User Space tab and select No.
From a practical standpoint, it is better to add them - if you wish - to NVT ERP's vulnerable process list and run in Alert Mode. This way, if one of the processes is executed, NVT ERP will generate an alert from within you can select Allow or Block.
Either Eset + ApGuard or Eset + SpyShelter would be enough. More important is a proper configuration (attack surface reduction) than adding another security applications.Yes you are all right about configuring these apps. AppGuard once configured properly, beats out ERP and Sandbox. Many people at MT seem to Recommend the combo that I mentioned in this thread. But IMO I think that Appguard is sufficient alone if set up properly. I personally use AppGuard with SpyShelter Premium and ESET Internet Security. It has been running smoothly and consumes less resources too, although I have a strong feeling that with AppGuard even SpyShelter Premium is not needed.
Thanks, Andy. What in your opinion constitutes a strong firewall? Is Comodo such a firewall?In-memory attacks (from the network) are dangerous for organizations and for the people, who use the public networks. In the second case the strong firewall should be sufficient.
Hey shmu, I think ReHIPS permits some more tweaks than SBIE. SBIE can be tweaked also but less.SBIE has certain advantages over ReHIPS. The configuration is more flexible in some ways. But I have found that an app is more likely to work in ReHIPS isolation than in SBIE sandbox.