Hello and congratulations on the release of CIS 6. It really looks very promising.
I’d like to ask some questions. I’ve thoroughly read the online help guide and didn’t find the answers. So maybe my questions could also help to complement the guide. Maybe the questions are a little bit more than the average user wants to know, but a CIS user always wants to know more, doesn’t he?
Well, now in CIS 6 we have 2 new options to run applications: running them in Fully Virtualized Sandbox (with a green border) and running them in Virtual Kiosk. But it’s unclear what the difference between these modes is. So…
- When should a user prefer Fully Virtualized Sandbox and when Virtual Kiosk?
You see, there is a lack of information about how these modes operate. Obviously, both ‘sandboxed’ and ‘kiosked’ programs cannot write anything to critical system areas, but:
- Are sandboxed/kiosked applications able to write to non-critical areas (for example, c:/test/*.txt)?
- Are sandboxed/kiosked applications able to read sensitive user data (my documents folder and so on)?
- What data can sandboxed/kiosked applications read?
- Are sandboxed/kiosked applications able to communicate with other sandboxed/kiosked applications? (interprocess memory access, window messages, and so on)
- Are antivirus checks/firewall rules and alerts/BO protection/HIPS rules applied to sandboxed/kiosked applications?
- Do the sandboxed and kiosked applications use common storage to save files and registry keys?
There is one more thing about Kiosk which raises some doubts. The guide says that Kiosk can be “a secure environment for Internet banking and online shopping” and “It is also ideal for visiting any risky websites/links and for testing out beta/unstable software”. What about the next scenario? A user opens Kiosk and does some internet banking. Then he closes the kiosk. Some time later he opens the kiosk to try some risky software/website. If there is malware, can this malware read history, cookies and passwords from the online banking session?
- Isn’t there some risk in having the same environment for both banking and risky tasks?
Maybe it would be better to have 2 separate kiosks. (And even more, maybe the storage for the online banking kiosk should be password-protected and encrypted to protect the saved passwords and other browser data. I’m not sure…)
There are also a few questions regarding the firewall. CIS displays an alert if it detects a new network. It has 3 options: I’m at Work, I’m at Home, I’m at public Place. The guide says “You can select the type of new network you are connected to, so that the firewall configuration is optimized for the type of connection”
- How exactly does this change the configuration? Does it create additional global/application rules? How to change the network type later?
- And the same question regarding the checkbox ‘Public Network’ under Network Zones section. How does it affect the configuration?
- One more thing. CIS shows alerts that offer the opportunity to secure the connection with TrustConnect. What happens when one chooses ‘Secure communications with TrustConnect’? Will it somehow change the firewall configuration? Is it necessary to have the TC client? And how can we manage which networks should use TrustConnect?
Oh, and here is my 5 cents to the wishlist. It would be nice to have the opportunity to choose which parts of the configuration to import (while importing the configuration from the file). Some kind of list with checkboxes. For example, import only network zones and global rules and do not import anything else (like HIPS policy, trusted files list and so on).
That’s it. I know the devs are extremely busy now, and I should be very glad if someone from the dev team could find the time to answer my questions.
Thank you.