[FAQ] What is ReHIPS? What can it do?

Started by fixer, June 24, 2018, 02:49:37 PM

Previous topic - Next topic


Sometimes new potential users come and ask "what is ReHIPS? what can it do?". Let's take a brief overview of ReHIPS features and find out what it can do. Basically ReHIPS provides the following:

1. Process control. When a process is started, inspection takes place, whether parent process is allowed to start processes, whether process being started is allowed to start, file hashes and digital signatures are checked, command lines can be inspected, etc. This provides fine-grained control over all starting and running processes.

2. Sandboxing. Any untrusted process can be executed in a sandbox (executed from a separate restricted ReHIPS-user), so it won't affect the system or other processes (non-isolated or isolated in other isolated environments). Isolated processes can have their own desktop; access to network and other system resources including file system objects and registry can be filtered. If you have an installer, DeployHelper can help install it straight into isolated environment.

3. Some AntiSpy stuff like disabling camera and microphone. This one is quite simple and straight-forward, but some people really like it.

4. Centralized control. It's possible to create and customize a pack of rules exactly to fit your needs and manage computers remotely or groups of computers via Active Directory. This is utilized in ReHIPS Corporate Edition, so if you plan to use ReHIPS at home, you probably won't need it.

5. Additional protection echelons. They're implemented as plugins and provide additional protection like control over common startup points or reaction to uncommon events like strange new users being added. But this is also in ReHIPS Corporate Edition, custom builds for your ultimate and precise protection, so if you plan to use ReHIPS at home, you probably won't need it.

Besides these major features ReHIPS:

-is based on well documented certified safe and secure Windows built-in security subsystems (no kernel-mode hooks, hardware virtualization-based PatchGuard bypasses and other dirty hacks), hence ReHIPS provides unprecedented protection, ensures system stability and integrity and doesn't increase attack surface;

-is compatible with all current Windows versions from Windows Vista SP1 to Windows 10 (including server editions) and doesn't require frequent updates;

-supports 32-bit and 64-bit Windows versions;

-protects from zero-day attacks, exploits and malware including previously unknown threats;

-is completely autonomous and doesn't require Internet access;

-includes initial database of rules which includes more than 400 applications, the database is regulary updated.