As the title says I would like to see CIS have the ability/option to create separate FW and HIPS rules for the Virtual Kiosk and sandboxed apps
I think this could add security to the VK and Auto sandboxed files especially when running as fully virtualized
If this is possible now obviously this wish is redundant but I would like to know how to achieve this
Thanks TF
+1
Poll added, plz vote.
voted +1
though i probably used on a case by case basis
though i do know the problem with this would be where to put the configuration or to change the rules just asking ;D
also is it posiible to open the cis gui inside kiosk ?? 
I also think this would be used on case by case basis or by creating certain group rules
As CIS stands there is some practical “road blocks” to implementing this that need to be over come, you stated a couple. However for users that like to be able to configure and tweak their settings (most CIS users) I think this would be an excellent addition to CIS, another tool in the system hardening box.