A virtual browser is a special type of web browser that runs in a virtual environment. Most computer users browse the web to search for information, carry out online transactions, communicate with others, and much more using a web browser that is simply installed on their local endpoint machine. Browsing the web in this way can expose a user device to a variety of different web-based threats, such as malware, viruses, adware, trojans, and ransomware, to name but a few.

A virtual browser is one alternative that can be used to mitigate such web-borne threats. Instead of running a web browser on the local user device, the browser runs in a virtual environment, and is therefore isolated from the local computer's operating system. This means that if there happens to be a malicious script that is run from within the virtual machine, it will not have access to the user's operating system. There are two common ways in which the browser can be isolated - it can be isolated through using a virtual machine, or by running the browser in the cloud, away from the endpoint entirely. This particular decision depends on the individual requirements of the system, and the specific architecture of the current network.

Preventing web-based malware infections

From a security standpoint, virtual browsers can act as an effective protective barrier from web-based malware. A remote browser solution, whereby the remote browser is in the cloud, provides even greater protection than the typical client-side virtual browser configuration (using virtual machines), as malware cannot reach the endpoint machine at all, and so has no opportunity to infect it.
When a suitable remote browser solution is used, the user no longer needs be concerned with web-borne threats, that would otherwise pose a risk to the security of their computer, and to other computers on the network. This is especially relevant when it comes to computers that are attached to a large organizational network. In these cases, a single web-based threat on one machine could infiltrate the entire network and have large scale negative consequences for the whole organization.

Avoiding browser compatibility issues

Sometimes, web-based applications will only run on a specific version of a browser. As an example, some older applications were built to be run on outdated versions of Internet Explorer. Using an old version of Internet Explorer is not ideal for general access to the web, as it is no longer supported by Microsoft, and many websites will not display properly. However, in cases when a specific web application was designed for use on an older browser, a virtual browser can be used. The browser can be configured to allow the application to run as if it were using the older, deprecated browser, when it is not installed on the user's machine.

Testing across different browsers

Web developers can use virtual browsers to test their projects on different versions of a browser. For example, a developer may create a website for Google Chrome, and then discover it does not behave correctly on Internet Explorer. With a remote browser, they are able to check for issues when browsing with each different browser, even traversing to previous versions of the browsers, and discover if there are any browser-specific bugs or quirks that need addressing. This particular use case allows developers to ensure that the browser experience is consistent across all popular browsers, for optimized usability.

The terms "virtual browser" and "remote browser" may seem synonymous, but that is not entirely true. An ordinary virtual browser can be physically located on either the user's endpoint machine, or on a remote machine. In either case, it involves a complex infrastructure implementation in order to make it work. If the browser is located on the endpoint machine, it must of course still remain separate from the operating system, so as to protect the user's computer system.

While remote browsers are similar in concept to virtual browsers, there is a difference in the way they are implemented. In place of a complex implementation, the remote browser is run in a lightweight Linux container, and no web code is run on the user's device, even outside of the operating system. Remote browsers are more cost effective than a typical client-side virtual browser, which would require certain hardware to work, as well as specific server/client configurations. Remote browsers also tend to be far more secure than their client-side counterparts.

For more information about Virtual Browsers, see these blog posts:

Close the Security-Usability Gap with the Right RBI Solution

Phishing Attacks Getting Sneakier with Open Redirects

Why Remote Browser Isolation (RBI), Why Now?