Is there any way to block untrusted file or to put a restriction on it when Sonar fails to catch it? Lets say SONAR and autoprotect function do not recognize a certain file as a danger while the file is harmful, so the program is running on computer with full rights. As we know SONAR technology is highly automatic and barely requires any interaction from user.Does Symantec have any plans to introduce a kind of “run safer area” where unverified files couldn’t impact on system in its critical areas , because such files would run in virtual or highly restricted environment ? Then user could make a decison on his own( when SONAR fails) and terminate any suspicious program without any damage. Is there a need for such solutions in NIS, I mean extended HIPS features or similar to sandoxie capabilities?