Monday, May 26, 2008

New Process Activity Monitor – now with quick access to rules

This Monday we’re looking at a new layout for an old feature – the Process Activity monitor. In both Outpost 2008 and 2009, this tab was situated with the Host protection module which enables the program to proactively block zero-day threats and potential viruses before they can infect a PC. By tracking running processes and their characteristics, it is possible to analyze their status and easily implement firewall rules to ensure the best protection.

You may remember that our first posting in this 2009 series was focused on Network Activity Monitor improvements. We’ve tweaked the Process Activity display in the same way – it now uses a tree-like structure that will remind you of Process Explorer.

For instance, in this tab you can access details on how the process was started, the rules related to this or that application, and other properties with a simple double-click. To terminate a process, you can either right- click and choose Terminate or hit the Delete key. These are just a couple of examples.

To expand a little:

All the “branches” of the tree are maximized by default, and you’ll find corresponding icons beside every application name. The Toggle Sort command (see the Context Menu screenshot below) leads to the “flat” structure display, with sorting enabled. All unknown (unsigned) applications are displayed in dark blue.

The 2009 Process Activity layout offers three columns by default:

- Process
- Company
- Anti-Leak Rules

plus additional columns:

- PID [Process Identifier]
- Connections
- Bytes Sent/Recv
- Speed Sent/Recv
- Full Path

Here's how the Context Menu for a process looks:









For comparison, we suggest you take a look at the current Process Activity module in Outpost 2008:


Now here’s the new 2009 design:


We believe we’ve done the right thing and made the access to rules easier and the overall display much clearer. The 2009 design gives you more control over the program, as all the essential properties are easily available, so you can edit or disable a process instantly – essential when you’re dealing with a potential malware infection.

As always, we encourage you to join our beta program at http://www.agnitum.com/products/outpost/betatest.php and evaluate the product yourself! You can read our 2009-related Monday blog at http://agnitumblog.blogspot.com/search/label/monday%20update%202009 or subscribe to the RSS feed.

See you next Monday for another great new Outpost 2009 feature analysis!

Take care online,

Alexey Belkin,
Chief Software Architect, Agnitum

5 comments:

Manny said...

I've been testing this new version as a beta tester and now since Agnitum has revealed the new Process Activity monitor I can talk about it.

I really like this feature laid out like Process Explorer. In fact, it's a mini Process Explorer that is always available.

I like it a lot. Well done.

Agnitum BLOG said...

Thank you, Manny! We're looking forward to new observations from you.

Alexey Belkin

Claudio Valderrama C. said...

Have you measured how expensive are these new, realtime reporting abilities?
I mean the stress they impose on the system, querying constantly the information provided by the operating system. I assume it implies more CPU consumption.
I think we all love the Outpost performance and don't want it to become a turtle (and worse, a resource hog) like Symantec products.

Agnitum BLOG said...

Claudio, thanks for the question!

Don't worry the program won't become a "turtle". The resource consumption here is comparable to that of, say, Task Manager, even lower actually.

Pavel Goryakin
Agnitum

Manny said...

I can vouch for that Claudio. On my 4 year old middle of the road XP system there is no difference in the use of system resources. For what it does Outpost is very light on its feet. My CPU cycle consumption due to OP is normally 1-3%.