ssss
s s
GentleSecurity.com
s
GesWall Safe applications Technology Download Support About us
ss
s s

Notifications

GeSWall provides interactive notifications on its security policy events. There are two types of notifications:

  1. Policy Notifications
  2. Attacks Notifications

Policy Notifications inform about GeSWall's restrictions, such as prevented modifications to files/registry/processes/etc. For example, notification message:

This means that GeSWall's security policy restricted access for Internet Explorer to the ShowCmd and WFlags registry values.

The Policy Notifications are useful for the first time to evaluate GeSWall's policy and watch what it does actually. Additionally, policy notifications are useful for troubleshooting, constructing the rules for new applications and testing malware or suspicious files.

In GeSWall's tray icon menu you can:

  • Filter notification messages by resource type in order to reduce their amount:
    • Enable for All Resources
    • Enable for Files & Registry
    • Enable for Files Only
  • Disable all notifications
  • Define message font color
  • Set notification message exposure time

Attacks Notifications can be considered as filtered policy notifications. GeSWall looks over blocked resources for particular patterns which indicate a malware activity. Once a such activity is detected GeSWall notifies about prevented threat.

While the policy notifications are useful on purpose, when you adjust application rules or test some malware. Attack's detection is for regular use as it provides lowest output and only when it is really something suspicious.

You have an option to terminate malicious application by clicking on 'Terminate' button. Additionally, you can adjust default termination behavior with 'Malicious Process Termination' menu item of GeSWall's tray icon.

  • Never Terminate - disables termination option.
  • Auto-Termination - automatically terminates application as soon as malicious activity is detected. When you see an attack notification, application is already terminated by GeSWall.
  • Interactive Ignore (default) - an attack notification window has two buttons: 'Terminate' and 'Ignore'. You can choose to terminate process by clicking on 'Terminate' button. If you don't click on either 'Terminate' or 'Ignore' during the notification exposure time, then application will not be terminated.
  • Interactive Terminate - the same as 'Interactive Ignore' but application is terminated if no choice taken during the notification exposure.

s
s s
s s
s   s
 
Copyright 2006 GentleSecurity
Contact Us Privacy Statement