Copyright 2005 BrightTime Technologies, Inc. All rights reserved
Click here to learn major functionality with screen shots


What make SensiveGuard different from other firewalls are:


Distinguish User Operation From Malicious Software Operation

SensiveGuard intercepts every network and file access in real-time and detects whether or not the access
is initiated by user through a keyboard or mouse attached to the local computer. Depending on the user
initiation condition, different actions of allow, deny, or warn (suspend) is then taken against the access.
Actions are defined in a security policy that also comprises access specification, and conditions such as
user initiation, program identities.

On personal computers, most normal network or file accesses are initiated by programs responding to
user operation on a keyboard or a mouse attached to the local computer. On the other hand, most
malicious accesses are secretly performed by virus, spyware, or hackers without even the user’s notice.
Using user initiation condition greatly increases security against malicious software while imposes
minimum inconvenience to normal operations. For example, SensiveGuard can allow the Windows FTP
program (ftp.exe) to download files when it is operated manually by the user, but deny the same FTP
program from downloading files when it is invoked by a malicious software in the background. Today, many
Ad-ware and spyware are ActiveX objects embedded in the Internet Explorer, which secretly pop up
commercial, access Internet websites to retrieve and send information. By allowing the Internet Explorer to
access websites only when it is operated by a user would effectively stop many Ad-ware and spyware from
malicious operation in the background.

Associating legitimate operations with local keyboard or mouse input can also protect important files from
being read, copied, or deleted by any malicious software operating in the background or hackers taking
control of the computer remotely. Such protection is more secure than file encryption alone, which can still
be deleted or copied while the computer is on.

Fingerprint Programs For Identities

SensiveGuard further enhances security by associating each security policy with one or more program
identities (fingerprints). Therefore, for the same network or file access, different security actions can be
taken with different program identities. For example, security policy can allow the Internet Explorer to access
websites with the HTTP protocol, while deny any other program to access websites. On personal computer,
typically only a few well-known programs would access specific network services. Ensuring no other
programs can access the services greatly reduces malicious operations. Today, many malicious Spam
emails would secretly access Internet websites to retrieve or send information once a user opens the
mails. By allowing the email program (e.g., Microsoft Outlook) to only send and receive emails, but denying
its access to websites would prevent such malicious Spam emails from doing any harm.

A program identity is a fingerprint of the program that is uniquely and reliably generated with digital ID
technology. Malicious software can not fake its identity.

Suspend Access in Real-time For User Approval

Except those that are explicitly allowed or denied by policies, SensiveGuard will suspend any network (TCP,
UDP/IP) and file access in real-time, and pop up a warning window showing detailed access information
including user initiation condition, program identity, network protocol and remote network address (for
network access), or file name (for file access), and options for user to approve or deny the access. If the
user allows the access, the access will go through without interruption; otherwise, it will be stopped
immediately. User can choose to apply the same answer to the same access in the future without further
warning. This allows SensiveGuard to dynamically and automatically create policies based on user
approvals or denials.

Protect Inbound and Outbound Network Access

SensiveGuard checks every inbound and outbound TCP,UDP/IP access for policy compliance. A network
security policy contains access specification of network protocol, port number, remote address (or address
group such as the local home network), and direction (outbound or inbound). Three address groups are
created by default: any-remote group, local-network group, and the Internet group. The local-network group
includes the subnet comprising the local computer. New address group can be created to include any IP
addresses or subnets. A network security policy also contains actions to take against the access under
various conditions such as user initiation and program identity.

Following are the default network policies after installation:



Protect Critical System And Personal Files

Virus or spyware often gets into the computer by exploiting security holes in networked programs such as
the Internet Explorer and the Outlook email program and installs itself in the computer. Such malicious
program may simply reset home page, direct requests to malicious websites, pop up commercials
constantly, or more dangerously monitor your keyboard entries, steal passwords, steal email addresses, or
delete files. Anti-virus software is the most popular solution. However, it is often an after-fact solution. Anti-
virus software can detect a virus only after it has become well known and the software has been updated to
include the virus signature, which is often too late for many computers that have been affected. And, anti-
virus software can never prevent your "curious neighbors" or hackers from login into your computer remotely
and installing virus or spyware. SensiveGuard is complementary to anti-virus software that can prevent
unauthorized access to files in real-time. It depends on detection of malicious operations rather than
software signature.

SensiveGuard is the only firewall to have real-time file protection. Security policies can be created to
suspend and warn on access (write, delete, or read) on any files under specified conditions. A file security
policy contains file specification of file types, a list of folders, and command (write, delete, read). A file
security policy also contains actions to take against the access under various conditions such as user
initiation, program identity, and whether or not the program has Internet connection.

Following are the default file security policies after installation:


SensiveGuard does not interfere with normal Windows network file sharing operation. That is, if a folder is
set to be shared for read and write on the network, it can be read and written by computers in the network if
they meet the security requirement, regardless whether or not the folder is under protection by
SensiveGuard. Normal network file sharing is protected by Windows built-in security and network firewall
such as the SensiveGuard firewall.

Easy of Use and Flexible Security Policies

SensiveGuard requires no user configuration after installation. The built-in default policies will start
protecting your computer right away. A new policy is created automatically when a user approves or denies
an access.

SensiveGuard supports very flexible policies. Each policy contains access specification (network or file),
conditions such as program identity and user initiation (whether or not access is initiated by user locally),
and security actions to be taken when the specified access occurs under the specified conditions.
Advanced users can create and modify any policies through a graphical user interface. Click here to learn
the usage of the program with screen shots

Self Protection

SensiveGuard protects itself from virus and hackers. Any configuration affecting policies or operation
without direct user operations in the local computer will be denied. Ironically, most other firewall and anti-
virus programs cannot protect themselves against virus or hackers.

Comprehensive Logging

SensiveGuard provides easy to read logging for network access and file access, grouped into each day.
Users can review all network access and important file access for any given date, allowing sophisticated
users to review system activities and detect undesired operations.

License and Supported Operation Systems

SensiveGuard is license free for personal use. If you find it useful, please recommend it to your friends and
colleagues.

SensiveGuard supports Windows 2000/XP, home and professional editions, with or without SP1, SP2.

SensiveGuard contains patents pending.



Click here to learn major functionality with screen shots