Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Related Manuals for FARONICS ANTI-EXECUTABLE ENTERPRISE
Summary of Contents for FARONICS ANTI-EXECUTABLE ENTERPRISE
- Page 1 Anti-Executable Enterprise User Guide...
- Page 2 Last modified: December, 2009 © 1999 - 2009 Faronics Corporation. All rights reserved. Faronics, Deep Freeze, Faronics Core Console, Faronics Anti-Executable, Faronics Device Filter, Faronics Power Save, Faronics Insight, Faronics System Profiler, and WINSelect are trademarks and/or registered trademarks of Faronics Corporation. All other company and product names are trademarks of their respective owners.
-
Page 3: Table Of Contents
Exporting Anti-Executable Configurations ........36 Retrieving settings from Faronics Core Console ....... . 37 White List Tab. - Page 4 Uninstalling Using Faronics Core Console ........
-
Page 5: Preface
Preface Anti-Executable protects computers by preventing unauthorized executables from running. Topics Important Information Technical Support Definition of Terms Anti-Executable Enterprise User Guide... -
Page 6: Important Information
Product Documentation The following documents form the Faronics Anti-Executable documentation set: • Faronics Anti-Executable User Guide — This document guides you how to use the product. • Faronics Anti-Executable Release Notes — This document lists the new features, known issues and closed issues. -
Page 7: Technical Support
• Fax: 800-943-6488 or 604-637-8188 • Hours: Monday to Friday 7:00am to 5:00pm (Pacific Time) • Address: Faronics Technologies USA Inc. 2411 Old Crow Canyon Road, Suite 170 San Ramon, CA 94583 Faronics Corporation 609 Granville Street, Suite 620 Vancouver, BC V7Y 1G5... -
Page 8: Definition Of Terms
Anti-Executable users, set Anti-Executable protection to Enabled or Disabled, and uninstall/upgrade Anti-Executable. Anti-Executable A software library that extends the functionality of Faronics Core Console Console Loadin allowing full control over the configuration and operation of Anti-Executable installed on remote workstations. - Page 9 A folder, and its sub-folders, from which any executable can be launched. White List A list of executables, or folders containing executables, that are allowed to run by Anti-Executable. Workstation Any client or remote machine using the Operating System specified in the System Requirements. Anti-Executable Enterprise User Guide...
-
Page 10: Introduction
Introduction Introduction Anti-Executable protects machines by preventing unauthorized executables from running. Topics Anti-Executable Overview System Requirements Anti-Executable Licensing Anti-Executable Enterprise User Guide... -
Page 11: Anti-Executable Overview
Server Remote computers loaded with server operating systems* Enterprise *Enterprise versions allow to protect multiple computers from a central console called Faronics Core Console. About Faronics Core Console Faronics Core Console is a lightweight, high performance, secure, easy-to-learn, and integrated framework for the management of multiple Faronics products. -
Page 12: System Requirements
Introduction System Requirements Console Requirements Information on Faronics Core Console system requirements can be found in the Faronics Core Console user’s guide. Workstation Requirements Anti-Executable can be installed on the following operating systems: — 32-bit edition of Windows XP SP3 and 64-bit edition of Windows XP SP2. -
Page 13: Anti-Executable Licensing
Anti-Executable is available in both Full and Evaluation versions. An Evaluation version can be downloaded for free from Faronics' web site (www.faronics.com) and it will be fully operational for 30 days after installation. An expired Evaluation version will not protect the machine and must be uninstalled or upgraded to a Full Version. - Page 14 Introduction Anti-Executable Enterprise User Guide...
-
Page 15: Installing Anti-Executable
Installing Anti-Executable This chapter describes the installation process of Anti-Executable. Topics Installation Overview Installing Anti-Executable Loadin Anti-Executable Enterprise User Guide... -
Page 16: Installation Overview
Anti-Executable features installers for 32- and 64-bit versions of Windows Server 2003, Windows Server 2008, Windows XP SP3, and Windows Vista. If you are installing on a remote computer via Faronics Core Console, the appropriate installer is selected automatically. However, before installing manually, verify the operating system version... -
Page 17: Installing Anti-Executable Loadin
1. Insert the CD-ROM from the Media Package into the CD-ROM drive. If Anti-Executable has been downloaded via the Internet, double-click the Anti-Executable_Console_Loadin_Installer.exe file to begin the installation process. Click Next to continue. 2. Read and accept the License Agreement. Click Next to continue. Anti-Executable Enterprise User Guide... - Page 18 Core\Loadins\Anti-Executable. Click Next to continue. 4. Click Install to begin the installation. 5. Click Finish to complete the installation. If Faronics Core Console was running when Anti-Executable was being installed, an immediate Faronics Core Console restart is recommended following installation.
- Page 19 Installing Anti-Executable Loadin Once the Loadin has been successfully installed, Faronics Core Console displays a list of Anti-Executable specific features in the Actions pane when one or more workstations have been selected. There are also specific columns displayed in the workstation list as illustrated below.
- Page 20 Console Tree Pane —Display Faronics Core Console properties, workstations and groups, scheduled tasks, and generated reports. • Workstations List — The list of all workstations that have reported to Faronics Core Console. This list also displays columns regarding workstation-specific information. •...
-
Page 21: Installing Anti-Executable On A Workstation Manually
Installing Anti-Executable on a Workstation Manually Before installing Anti-Executable on a workstation, copy appropriate .msi file from the path C:\Program Files\Faronics\Faronics Core\Loadins\Anti-Executable\Workstation Installers on the computer where the Anti-Executable Loadin is installed to one or more workstations. To install Anti-Executable manually on a workstation after copying the file, complete the following steps: 1. - Page 22 Installing Anti-Executable 4. Specify the install location. The default is C:\Program Files\Faronics\AE. Click Next to continue. 5. This step is optional. Specify the Anti-Executable Administrator and Trusted User passwords. These passwords can also be set in the Anti-Executable Users tab following installation. Click Next to continue.
- Page 23 6. The Automatic Scanning and White List Creation dialog is displayed. Select Enable if you want Anti-Executable to automatically scan all non-removable drives on the computer and create a White List. Click Install to install Anti-Executable. 7. Click Finish to complete the installation. Anti-Executable Enterprise User Guide...
- Page 24 Creation dialog, Protection is enabled and there is an Active White List when the computer restarts. If the Enable check box is not selected in the Automatic Scanning and White List Creation dialog, Protection is disabled and there is no Active White List when the computer restarts. Anti-Executable Enterprise User Guide...
-
Page 25: Installing Or Upgrading Anti-Executable On A Workstation Via Faronics Core Console
To install or upgrade Anti-Executable on one or more workstations, complete the following steps: 1. Select one or more workstation from the list in Faronics Core Console and select Actions pane > Configure Workstation > Advanced > Install/Upgrade Anti-Executable, or right-click on a workstation from the list in Faronics Core Console and select Configure Workstation >... - Page 26 Creation dialog, Protection is enabled and there is an Active White List when the computer restarts. If the Enable check box is not selected in the Automatic Scanning and White List Creation dialog, Protection is disabled and there is no Active White List when the computer restarts. Anti-Executable Enterprise User Guide...
-
Page 27: Accessing Anti-Executable
Accessing Anti-Executable Topics Overview Accessing Anti-Executable via Faronics Core Console Accessing Anti-Executable Enterprise on a Workstation Anti-Executable Enterprise User Guide... -
Page 28: Overview
Anti-Executable Enterprise can be accessed through Faronics Core Console or directly from the workstation where it is deployed. The account used by Faronics Core Console to communicate with a workstation must be a Windows administrator account that is valid on that workstation. Communication from Faronics Core Console to the workstation occurs under the context of that account. -
Page 29: Accessing Anti-Executable Via Faronics Core Console
Mouse/Keyboard — This column specifies if the mouse and keyboard of one or more selected workstations are enabled or disabled. For information on the other columns in the Workstation list, refer to Faronics Core Console documentation. Executing Anti-Executable Commands via Faronics Core Console Anti-Executable commands can be accessed via the right-click context menu. - Page 30 Accessing Anti-Executable Anti-Executable commands can also be accessed via Faronics Core Console Actions pane located on the right side of the Faronics Core Console window. The Actions pane lists these tasks once a workstation has been selected from the list.
-
Page 31: Scheduling Actions
Accessing Anti-Executable via Faronics Core Console Scheduling Actions Anti-Executable and Faronics Core Console events can be scheduled to occur on one or more workstations at a date and time convenient to the administrator. Click on one or more workstations and select Schedule Action. The sub-menus which appear contain the following list... -
Page 32: Accessing Anti-Executable Enterprise On A Workstation
Accessing Anti-Executable Accessing Anti-Executable Enterprise on a Workstation Anti-Executable is accessed directly on a workstation by holding down the Shift key and double-clicking on the Anti-Executable icon in the Windows System Tray. The Ctrl + Alt + Shift + F10 hotkey sequence can be used as well. -
Page 33: Using Anti-Executable
This chapter describes the procedure to configure and use Anti-Executable. Topics Overview Status Tab White List Tab Adding Blocked Executables to the Active White List Black List Tab Users Tab Setup Tab Creating an Anti-Executable Report through Faronics Core Console Anti-Executable Enterprise User Guide... -
Page 34: Overview
Setup — Used to configure Stealth Mode, manage logging, alert messages, and enable Anti-Executable compatibility with Deep Freeze. Anti-Executable Trusted Users have access only to the Status, White Lists, and Black Lists tabs. The Windows administrator user account that performed the installation is the first Anti-Executable Administrator. Anti-Executable Enterprise User Guide... -
Page 35: Status Tab
Anti-Executable expires. To convert an Evaluation version of Anti-Executable to a Full version, click Edit and enter a valid License Key in the License Key field. License Keys can be obtained by contacting Faronics. Anti-Executable Enterprise User Guide... -
Page 36: Enabling Anti-Executable Protection
Anti-Executable. The Disable Keyboard and Mouse check box is available only while accessing Anti-Executable via Faronics Core Console. This is to ensure that a computer that has its keyboard and mouse disabled can still be managed remotely via Faronics Core Console. -
Page 37: Retrieving Settings From Faronics Core Console
Retrieving settings from Faronics Core Console The Status pane retrieves and displays all the settings of a single workstation. When a single workstation is selected and Anti-Executable is launched via Faronics Core Console, the workstation settings are retrieved automatically. The status can only be retrieved when a single workstation is selected. -
Page 38: White List Tab
Executables installed on a remote workstation cannot be added to the Active White List unless the remote workstation is visible through the file browser in the Anti-Executable Scan dialog. White Lists can be applied and deployed to workstations via Faronics Core Console or manually on each workstation. -
Page 39: Using The Anti-Executable White List Editor
New — Opens the White List Editor and creates a new White List. • Open — Opens an existing White List for editing. • Edit — Opens the White List editor to add or remove executables and/or folders to the Active White List. Anti-Executable Enterprise User Guide... -
Page 40: Creating A New White List
To create a new White List complete the following steps: 1. Launch Anti-Executable. — To launch Anti-Executable via Faronics Core Console, select a workstation, right-click and select Anti-Executable > Configure Anti-Executable. Click the White List tab after the workstation status has been retrieved. - Page 41 — To merge the folders or executables with an existing White List, click Merge. The Open dialog appears. Select an existing White List and click Open. The contents of the existing White List are merged with the scanned list of files or executables. Click Save to save the Anti-Executable Enterprise User Guide...
-
Page 42: Activating A White List
After a White List has been created, it can be set as the Active White List by clicking the (browse) button in the Active White List section of the White List tab. The browse button launches an Open dialog. Browse to the White List and click Open. Anti-Executable Enterprise User Guide... -
Page 43: Adding Executables Or Folders To An Existing White List Using The White List Editor
White List. • Multiple White Lists can be opened and edited at the same time. Only one White List can be set as an Active White List at a time. Anti-Executable Enterprise User Guide... -
Page 44: Adding Blocked Executables To The Active White List
External users do not have the necessary permissions to Allow, Deny, or Allow and Add to White List. External users attempting to launch executables not in the Active White List are notified that the executable has been blocked. Refer to the section on Customizing Alerts for more information. Anti-Executable Enterprise User Guide... -
Page 45: Black List Tab
To configure Anti-Executable Black Lists through Faronics Core Console, click Properties in the Actions pane on the right side of Faronics Core Console. Or, right-click Faronics Core Console in the left pane and select Properties from the contextual menu. To access the Properties option, the user must be in the top level node. -
Page 46: Using The Anti-Executable Black List Editor
New — Opens the Black List Editor and creates a new Black List. • Open — Opens an existing Black List for editing. • Edit — Opens the Black List editor to add or remove executables and/or folders to the Active Black List. Anti-Executable Enterprise User Guide... -
Page 47: Creating A New Black List
Creating a New Black List To create a new Black List complete the following steps: 1. Launch Anti-Executable. — To launch Anti-Executable via Faronics Core Console, select one or more workstations, right-click and select Anti-Executable > Configure Anti-Executable. Click the Black Lists tab. - Page 48 — To search for a particular folder or executable, enter one or more characters from the folder name or executable name in the Search field. The list is filtered based on the characters entered. — To sort the executables added by date, click the title of the Date column. Anti-Executable Enterprise User Guide...
-
Page 49: Activating A Black List
Black List. • Multiple Black Lists can be opened and edited at the same time. Only one Black List can be set as an Active Black List at a time. Anti-Executable Enterprise User Guide... -
Page 50: Users Tab
Administrators or Trusted users. Windows user accounts that are not Administrators or Trusted Users are External users. To add a user to Anti-Executable, perform the following steps: 1. Click the Users tab at the top of the Anti-Executable window. Anti-Executable Enterprise User Guide... -
Page 51: Removing An Anti-Executable Administrator Or Trusted User
Removing an Anti-Executable Administrator or Trusted User Click on the Users tab and select the user to be removed. Click Remove. This does not remove the user’s Windows user account. The user has now become an external user. Anti-Executable Enterprise User Guide... -
Page 52: Enabling Anti-Executable Passwords
Passwords only apply to the members of the associated groups. To specify a password, ensure the Enable check box is selected and enter the password in the New Password and Confirm Password fields. Click Apply to save any changes. Anti-Executable Enterprise User Guide... -
Page 53: Setup Tab
Hide Notification — prevents the Alert from being displayed. • Hide icon on system tray — hides the Anti-Executable icon in the system tray. • Disable splash windows — disables the Anti-Executable splash window that is displayed before Anti-Executable is launched. Anti-Executable Enterprise User Guide... -
Page 54: Deep Freeze Maintenance Compatibility
Using Anti-Executable Deep Freeze Maintenance Compatibility This feature is applicable only when Faronics Deep Freeze and Faronics Anti-Executable are installed on the computer. The Deep Freeze Maintenance Mode Compatibility feature allows the Administrator to synchronize the Maintenance Modes of Deep Freeze and Anti-Executable. -
Page 55: Creating An Anti-Executable Report Through Faronics Core Console
Creating an Anti-Executable Report through Faronics Core Console Creating an Anti-Executable Report through Faronics Core Console To view the log for one or more selected workstations, right-click the workstation(s) and select Generate Report > Anti-Executable Report. The following dialog appears:... - Page 56 Using Anti-Executable Anti-Executable Enterprise User Guide...
-
Page 57: Command Line Control
Command Line Control This chapter explains the various Command Line Controls available for Anti-Executable. Topics Command Line Control Anti-Executable Enterprise User Guide... -
Page 58: Command Line Control
Changing a password, if one exists, requires the old password. Disable [path]AEC protect off [/force] /PW=<password> Anti-Executable The switch /force must be used if Anti-Executable is in Maintenance Mode. Disable Deep [path]AEC DFCompatibility /disable /PW=<password> Freeze Compatibility Anti-Executable Enterprise User Guide... - Page 59 [path] AEC generateBlackList <New Black List path and List name.aebl> <Directory from which to start> [/apply] /PW=<password> Generate Black [path]AEC generateBlackList <New Black List path and List and exclude name.aebl> <Directory from which to start> /NoSub Sub-Folders [/apply]/PW=<password> Anti-Executable Enterprise User Guide...
- Page 60 C:\Program Files C:\Commonly Used Files The switch /apply must be used with the switch /WhiteListOnly. Generate White [path]AEC generateWhiteList <New White List path and List and select name.aewl> <"My Computer"> [/apply] /PW=<password> My Computer as scanning destination Anti-Executable Enterprise User Guide...
- Page 61 C:\ at the end of the command indicates that the White List will contain all the executable files currently present on the C drive. The second command makes the White List engineeringLab the active White List. In both cases, the password for the administrator is specified as <password>. Anti-Executable Enterprise User Guide...
-
Page 62: Silent Install Commands
Silent install msiexec /q /i [path] <Product MSI> AEADMINPSW=[password] (set passwords) TRUSTEDUSRPSW=[password] Silent install msiexec /q /i [path] <Product MSI> AEPRODUCTKEY=[License (set product key key] /Full version install) Silent uninstall msiexec /q /x [path] <Product MSI> Anti-Executable Enterprise User Guide... -
Page 63: Uninstalling Anti-Executable
Uninstalling Anti-Executable Topics Uninstalling Using Faronics Core Console Uninstalling on a Workstation using the Uninstall Wizard Anti-Executable Enterprise User Guide... -
Page 64: Uninstalling Using Faronics Core Console
Uninstalling Anti-Executable Uninstalling Using Faronics Core Console Anti-Executable can be removed from one or more workstations using Faronics Core Console. To uninstall Anti-Executable perform the following steps: 1. Open Faronics Core Console. 2. Click on the Workstations icon in the left pane of Faronics Core Console. - Page 65 Protection is set to Disabled. Anti-Executable can be removed by double-clicking on the .msi file used to install Anti-Executable. The Setup Wizard appears: 1. Click Next to begin the uninstall. 2. Click Remove followed by Next. 3. Click Remove. Anti-Executable Enterprise User Guide...
- Page 66 Uninstalling Anti-Executable 4. Click Finish to complete the uninstall. 5. Following a successful uninstall, a workstation restart is required. Click Yes to restart immediately or No to restart later. An immediate workstation restart is recommended following uninstall. Anti-Executable Enterprise User Guide...
-
Page 67: Uninstalling The Anti-Executable Loadin
Start > Control Panel > Add/Remove Programs > Anti-Executable Loadin > Remove. Uninstalling the Anti-Executable Loadin will remove all Anti-Executable management capabilities from Faronics Core Console. It will not remove Anti-Executable installations from the individual workstations. Anti-Executable Enterprise User Guide... - Page 68 Uninstalling Anti-Executable Anti-Executable Enterprise User Guide...
Need help?
Do you have a question about the ANTI-EXECUTABLE ENTERPRISE and is the answer not in the manual?
Questions and answers