Getting Started Guide
Contents
1. Screenshot 16 Selecting control entities 8 In the Add permissions dialog select the Device categories option and click Next to continue 26 Testing GFI EndPointSecurity Getting Started Guide Add permissions Device categories Select the device categories for which to setup the permissions Floppy Disks amp co ovo cw Storage Devices C Printers PDA Devices amp Network Adapters Modems Eii agir E 2 Human Interface Devices Not c B Other Devices Screenshot 17 Selecting device categories to assign permissions 9 Enable the CD DVD device category and click Next Add permissions Users Select the users groups which will have access to the devices parts Users list User Group Name Select Users or Groups Users Groups or Built in secunty principals From this location Mmasterdamain com Locations Enter the object names to select examples John Doe johndoeimastendomain com Screenshot 18 Adding users or groups 10 Click Add and specify the user with no administrative privileges to have access to the CD DVD device category specified in this protection policy and click OK Getting Started Guide Testing GFI EndPointSecurity 27 Add permissions Users Select the users groups which will have access to the devices ports Users list User Group Name Access Read 2 JohnDoe Screenshot 19 Selecting permission types per user or group 112. Device usage allowed blocked The user either receives an error message indicating that device usage has been blocked or else is allowed to access the device 2 6 How GFI EndPointSecurity works Temporary access GFI EndPointSecurity temporary access operations can be divided in three logical stages temporary access Input unlock code F p Generate request code User requests and activates temporary Gevice access Input temporary Specify device access request Category and code connectivity port request code 4 Administrator Specify time Generate unlock Grants lemporary access restriction code Figure 3 Requesting granting temporary access Stage 1 User requests temporary device access The user executes the GFI EndPointSecurity Temporary Access tool from the computer on which the device is to be accessed The tool is used to generate a request code which the user communicates with the administrator The user also needs to inform the administrator on the device types or connection ports that need to be accessed and for how long will devices ports access be required Stage 2 Administrator grants temporary access The administrator uses the Temporary Access feature within the GFI EndPointSecurity management console to enter the request code specify devices ports and time restrictions An unlock code is generated which the administrator then communicates with the user Stage 3
3. GFI Product Manual GFI EndPointSecurity Getting Started Guide http www gfi com info gfi com The information and content in this document is provided for informational purposes only and is provided as is with no warranty of any kind either express or implied including but not limited to the implied warranties of merchantability fitness for a particular purpose and non infringement GFI Software is not liable for any damages including any consequential damages of any kind that may result from the use of this document The information is obtained from publicly available sources Though reasonable effort has been made to ensure the accuracy of the data provided GFI makes no claim promise or guarantee about the completeness accuracy recency or adequacy of information and is not responsible for misprints out of date information or errors GFI makes no warranty express or implied and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document If you believe there are any factual errors in this document please contact us and we will review your concerns as soon as practical All product and company names herein may be trademarks of their respective owners GFI EndPointSecurity is copyright of GFI SOFTWARE Ltd 1999 2011 GFI Software Ltd All rights reserved Document Version ESEC GSG EN 01 00 01 Last updated September 6 2011 Contents 1 Introduct
4. Enable the Access Read and Write permissions and click Finish To deploy the protection policy updates on to the local computer 1 From the right pane click on the top warning message to deploy the protection policy updates The view should automatically change to Status gt Deployment 2 From the Deployment History area confirm the successful completion of the update onto the local computer Re accessing a CD DVD disc Upon the assignment of user permissions the specified user with no administrative privileges should now be allowed to access CD DVD discs through CD DVD drives connected to the local computer To verify that both the device and media are now accessible to the non administrative user 1 Log in to the local computer as the user with no administrative privileges 2 Insert the same CD DVD disc in the CD DVD drive 3 From the Windows Explorer locate the CD DVD drive and confirm that you are now able to view and open the contents stored on the CD DVD disc 5 2 3 Reverting settings To revert any GFI EndPointSecurity configuration settings back to the pre test scenario do the following for the user with no administrative privileges 1 Remove the user account from the local computer if it was created only for this test and is no longer required 2 Manually include the user in the power users list if it was set as a power user prior to this test For more information refer to the GFI EndPointSecurity Administratio
5. Getting Started Getting Started Guide 5 Testing GFI EndPointSecurity 5 1 Introduction Once GFI EndPointSecurity is installed and the Quick Start wizard is completed test your installation to ensure that GFI EndPointSecurity is working correctly Follow the instructions in this section to verify the correctness of both the GFI EndPointSecurity installation as well as the operations of the shipping default protection policy 5 2 Verifying operations of the shipping default protection policy The following test pre conditions and settings are required ONLY for the purpose of this test For detailed information about how to configure and deploy device access protection policies and about the options provided by GFI EndPointSecurity refer to the GFI EndPointSecurity Administration and Configuration Manual 5 2 1 Test pre conditions Device setup For the following test you require a CD DVD drive connected to the local computer a CD DVD disc containing accessible contents preferably a disc the contents of which were accessible prior to the installation of GFI EndPointSecurity E Other devices and media may be used such as Floppy Disks or pen drives User accounts For this test ensure the availability of two user accounts on the local computer same computer where GFI EndPointSecurity application is installed one with no administrative privileges one with administrative privileges Configuration settings The con
6. Power Users Power Users 2 Select the users to whom you want to grant full access to the d Se devices connected to the computers protected by this protection policy Power Users User Group name Select Users Computers or Groups Select this object type Users Groups or Built in security principals Object Types From this location Enter the object names to select examples Check Names Bob Jones bjonestimasterdomain com Screenshot 9 Power users options 3 In the Power Users dialog Cancel Option 1 Click Add to specify the user s group s which will be set as power users for this protection policy and click OK Option 2 Highlight user s group s and click Remove to demote from power users and click OK 4 Click Next Step 3 Configuring users groups GFI EndPointSecurity provides you with the facility to create user groups with specific rights for each device category and connectivity port selected by the administrator In an environment where GFI EndPointSecurity is installed on a computer joined to an Active Directory domain GFI EndPointSecurity creates Active Directory domain groups whereas in an environment where GFI EndPointSecurity is installed on a computer joined to a workgroup GFI EndPointSecurity creates local system groups New users can be added directly to a specific user group from Active Directory Users a
7. RR Create domain users groups for the following device categones and connectryity ports Floppy Disks USE ey CD DVD Firewire Sa Storage Devices FEMEIA Printers Bluetooth PDA Devices gt Serial amp Parallel Network Adapters T Infrared a Modems Secure Digital SO Sl Imaging Devices Internal Human Interface Devices 8 Other Devices Select All Screenshot 11 Users Groups options 3 In the Configure Users Groups dialog enable or disable the required device categories and connectivity ports which will be controlled by the protection policy and click Close 20 Getting Started Getting Started Guide 4 Click Next Step 4 Configuring database backend GFI EndPointSecurity provides you with the facility to keep an audit trail of all events generated by GFI EndPointSecurity agents deployed on target computers In this step you can choose Not to configure a database To download and install an instance of Microsoft SQL Server Express Edition as well as to automatically create a database for GFI EndPointSecurity upon completion of the database installation To connect to an available Microsoft SQL Server instance and then you can either connect to an existing database or else create a new one By default GFI EndPointSecurity will pre select the best option based on your current environment setup to better guide you in your selection Quick Start Quick Start Follow these st
8. FO4 3242010 5 01 50 PM Agent configuration updated on computer P01 24 2010 1 51 27 PM Agent installed on computer WINSERYA computers in a network 372472010 1 50 17 PM Agent installed on computer P01 3242010 1 50 16 PM Agent installed on computer PO4 Remove selected computers Screenshot 15 GFI EndPointSecurity management console Tabs Use this feature to navigate between the different tabs within GFI EndPointSecurity management console The available tabs are Status To monitor the status of GFI EndPointSecurity and statistical information on device access Activity To monitor devices used on the network Configuration To access and configure the default protection policies Tools To scan target computers and discover connected devices Reporting To see information regarding the GFI EndPointSecurity ReportPack General To check for GFI EndPointSecurity updates as well as version and licensing details 2 Sub tabs Use this feature to access more information and settings within GFI EndPointSecurity management console Left pane Use this pane to access the configuration options provided in GFI EndPointSecurity The configuration options are grouped into several sections including Common Tasks Actions and Help sections Available only for some tabs 4 Right pane Use this pane to configure the configuration options selected from the left pane Available only for some tabs 24
9. Navigating the GFI EndPointSecurity management console 23 5 Testing GFI EndPointSecurity 25 Det MVCROGUCTION ee ee ae ee re ee Peer 25 5 2 Verifying operations of the shipping default protection policy 25 6 Miscellaneous 29 6 1 TMP OGUCHOM nennen rer 29 6 2 Entering your license key after installation cccecceeceecceeceeees 29 6 3 Checking for newer GFI EndPointSecurity Versions ssceeccecceeees 29 7 Troubleshooting 31 TA MACRO GUGTION ee cone cane cues eran ee ranean 31 7 2 COMMMOMNMAISSUCS seca seen re nee ee 31 7 3 Knowledge Base nennen ee 31 TAs Web FOL ee re re re 31 7 5 Request technical support cece cece cece ccc ee cee ceeeeeeceeceeeceeceeees 31 7 6 BUWGNMOEITIC ACI ON nee 31 Tak DOCUMENTAN au ea 31 8 Glossary 32 9 Appendix 1 Deployment error messages 35 Index 9 1 Introduction 9 2 Deployment error messages List of screenshots Screenshot 1 GFI EndPointSecurity installation domain administrator account setup Screenshot 2 GFI EndPointSecurity installation license key details Screenshot 3 GFI EndPointSecurity Quick Start wizard Start step Screenshot 4 GFI EndPointSecurity Quick Start wizard Auto Discovery step Screenshot 5 Auto Discovery options Screenshot 6 Discovery Area options Screenshot 7 Actions options Screenshot 8 GFI EndPointSecurity Quick Start wizard Power Users step Screenshot 9 Power users options
10. User activates temporary device access Once the user receives the unlock code sent by the administrator this code is entered in the GFI EndPointSecurity Temporary Access tool to activate the temporary access and to be able to use the required devices ports 2 7 Supported device categories In GFI EndPointSecurity device categories are organized into the following categories amp Floppy disks amp CD DVD Cs Storage Devices USB Pen drives Digital Media Players e g MP3 MP4 players Flash and Memory Card Readers Multi drive USB devices i e devices that do not mount as a single drive Getting Started Guide About GFI EndPointSecurity 7 Other portable storage devices Printers 4 PDAs Pocket PCs Smart phones Network Adapters Wi Fi Removable Network Adapters e g USB Firewire PCMCIA Modems Smart phones Mobile phones all Imaging Devices Digital Cameras Webcams Scanners Human Interface Devices Keyboards Mice Game controllers Other Devices Bluetooth dongles ports Infrared dongles ports MO magneto optical drives internal and external Zip drives Tape drives 2 8 Supported connectivity ports GFI EndPointSecurity scans for devices that are or have been connected on the following ports USB Firewire 7 PCMCIA Bluetooth 7 Serial amp Parallel Infrared B secure Digital SD Internal e g optical drives connected internally on PCI 8 About GFI EndPointSecurity Getting Started G
11. agent can be installed on the following operating systems x86 or x64 Microsoft Windows Server 2008 R2 x64 Standard or Enterprise edition Microsoft Windows Server 2008 Standard or Enterprise edition Microsoft Windows Small Business Server 2008 Standard edition Microsoft Windows Server 2003 Standard Enterprise or Web edition Microsoft Windows Small Business Server 2003 Microsoft Windows 7 Professional Enterprise or Ultimate edition Microsoft Windows Vista Enterprise Business or Ultimate edition Microsoft Windows XP Professional 3 3 Upgrading from earlier versions If you have GFI LANguard Portable Storage Control or an earlier version of GFI EndPointSecurity it is possible to upgrade to GFI EndPointSecurity 4 3 3 3 1 Upgrading from GFI EndPointSecurity 3 or later Upgrading from GFI EndPointSecurity 3 or later to GFI EndPointSecurity 4 3 is straightforward The upgrade process is part of the GFI EndPointSecurity 4 3 installation process and includes Uninstalling GFI EndPointSecurity 3 or later Importing GFI EndPointSecurity 3 configuration settings Importing configuration settings from GFI EndPointSecurity 3 or later When installing GFI EndPointSecurity you are asked to confirm whether you want to import configurations from the previous version Click Yes to import configurations You are then prompted to specify which of the following configurations to import Protection Policies
12. computer is disabled Agent deployment onto the target computer is either taking too long to complete or else is blocked The GFI EndPointSecurity agent was not able to be installed or uninstalled by the service running on the target computer Installation of the GFI EndPointSecurity agent is complete but is not marked as installed within the registry The version and build numbers of the GFI EndPointSecurity agent are not the same as those of the GFI EndPointSecurity management console Uninstallation of the GFI EndPointSecurity agent is complete but is not marked as uninstalled within the registry GFI EndPointSecurity has encountered an unexpected error Deployment error messages For more details about the cause of the error and a possible solution refer to the system error message within the parenthesis For further information about network connectivity and security permissions refer to http kbase gfi com showarticle asp id KBID003 754 Please try to deploy the GFI EndPointSecurity agent again For more details about the cause of the error and a possible solution refer to the system error message within the parenthesis For more details about the cause of the error and a possible solution refer to the agent installation log files on the target computer at windir EndPointSecurity For more details about the cause of the error and a possible solution refer to the agent installation log
13. database settings Please specify the name or IF of the machine hosting the Microsoft SUL Serer MSDE database you want bo use Server WIN ZE SS OIL Database Esec Use Windows authentication Use Microsoft SOL Server authentication User z Pazzword Screenshot 13 Database setup options 2 In the Database Backend dialog select or key in the server name IP address of an available database server or of a new SQL instance from the Server dropdown list 3 Key in the database name in the Database field 4 Select the authentication method to be used when connecting to the database backend server and click OK E If Use Microsoft SQL Server authentication is selected key in the login username and password of the database backend server 5 Click Next and wait for the wizard setup to complete 22 Getting Started Getting Started Guide Quick Start Quick Start Br Follow these steps to get the SFI EndPointSecurity up and running GFIEndP ointSecurity Start The EndPointSecurity Configuration allows more options for protecting computers on your network Scart Configuration Auto Discovery Define which users will have access to removable devices by creating or modifying Policies in the Protection Policies tab In the Computers tab specify which computers to protect Power Users Users Groups Set alerting options database backend and custom messages in the Options tab Database Finalize The EndPointSecuri
14. Computer Security settings Options Logging options Database options 3 3 2 Upgrading from GFI LANguard Portable Storage Control If the computer on which you are installing GFI EndPointSecurity is protected by a GFI LANguard Portable Storage Control agent you first need to uninstall that agent To do this 1 Open GFI LANguard Portable Storage Control configuration console 10 Installing GFI EndPointSecurity Getting Started Guide 2 Delete the agent from the computer where GFI EndPointSecurity will be installed This process should be done only for the computer where GFI EndPointSecurity 4 3 will be installed 3 Close the GFI LANguard Portable Storage Control configuration console application and proceed to installing GFI EndPointSecurity 4 When installing GFI EndPointSecurity you are asked to confirm whether you want to import configurations from the previous version Click Yes to import configurations The GFI LANguard Portable Storage Control agents that were protecting your computers will be automatically added to a protection policy called LegacyAgents in GFI EndPointSecurity 3 4 Installing GFI EndPointSecurity To install GFI EndPointSecurity E Run the installer as a user with administrative privileges on the computer 1 Double click on the GFI EndPointSecurity executable file 2 Select language and click OK 3 Click Next at the Welcome screen to start setup 4 Read carefully the End User License Agr
15. FI EndPointSecurity For more information refer to the Entering your license key after installation section in the Miscellaneous chapter 7 Key in or browse to select an alternative installation path or click Next to use the default path and proceed with the installation 8 Click Back to re enter installation information or click Next and wait for the installation to complete 9 Upon installation completion enable or disable the Launch GFI EndPointSecurity checkbox and click Finish to finalize installation 12 Installing GFI EndPointSecurity Getting Started Guide 4 Getting Started 4 1 Introduction Upon the initial launch of GFI EndPointSecurity management console the Quick Start wizard will automatically be launched This will enable you to configure GFI EndPointSecurity for first time use The Quick Start wizard will guide you in configuring the following settings automatic discovery power users users groups database backend 4 2 Using the Quick Start wizard The Quick Start wizard can also be launched from File gt Quick Start Wizard Quick Start Quick Start Follow these steps to get the SFI EndPointSecurity up and running GFIEndP ointSecurity Start The Quick Start wizard will guide you through the necessary steps needed ta Start configure and start using the product Configuration IF you do not want to go through the wizard at this time you can click cancel The Auto Discovery wizard can be l
16. I EndPointSecurity Administration and Configuration Manual 5 2 2 Test case Accessing a CD DVD disc Upon compliance with the previously outlined test pre conditions non administrative users are no longer allowed access to any devices or ports connected to the local computer To verify that both the device and media are inaccessible to the non administrative user 1 Log in to the local computer as the user with no administrative privileges 2 Insert the CD DVD disc in the CD DVD drive 3 From Windows Explorer locate the CD DVD drive and confirm that you are unable to view and open the contents stored on the CD DVD disc Assign permissions to user with no administrative privileges To assign CD DVD device access permissions to the user with no administrative privileges Log in to the local computer as the user with administrative privileges Launch GFI EndPointSecurity Click on the Configuration tab Click on the Protection Policies sub tab From the left pane select the General Control protection policy Click on the Security sub node N no oF KR WN gt From the left pane click the Add permission s hyperlink in the Common tasks section Add permissions Control entities Specify for which type of item do you want to setup the permissions for Add permissions for Device categories e g Floppy disks Storage devices _ Connectivity ports e g USB Firewire C Specific devices
17. Screenshot 10 GFI EndPointSecurity Quick Start wizard Users Groups step Screenshot 11 Users Groups options Screenshot 12 GFI EndPointSecurity Quick Start wizard Database step Screenshot 13 Database setup options Screenshot 14 GFI EndPointSecurity Quick Start wizard Finish step Screenshot 15 GFI EndPointSecurity management console Screenshot 16 Selecting control entities Screenshot 17 Selecting device categories to assign permissions Screenshot 18 Adding users or groups Screenshot 19 Selecting permission types per user or group Screenshot 20 Editing license key 1 Introduction 1 1 About portable media device threats The key advantage of removable media devices or portable devices is easy access In theory this may be of great advantage for organizations but still it is a well reported fact that access and security are at opposite ends of the security continuum Developments in removable media technology are escalating Newer versions of portable devices such as flash memory have increased in Better storage capacity Improved performance Easier and faster to install Physically small enough to carry in a pocket As a result internal users may deliberately or accidentally Take away sensitive data Expose confidential information Introduce malicious code e g viruses Trojans that can bring the entire corporate network down Transfer inappropriate or offensive material on to co
18. ation Manual Detailed administration and configuration guidelines are provided in the GFI EndPointSecurity Administration and Configuration Manual which is installed with the product or separately downloadable from the GFI website http www gfi com esec esec4manual pdf The Administration and Configuration Manual complements this Getting Started Guide and provides more information on how to use and customize the features provided by GFI EndPointSecurity 1 4 Terms used in this manual The following terms are used in this manual En Provides additional information and references essential for the operation of GFI EndPointSecurity For any technical terms and their definitions as used in this manual refer to the Glossary chapter in this manual 1 5 GFI EndPointSecurity licensing For more information on licensing and evaluation refer to the GFI website at http www gfi com products gfi endpointsecurity pricing licensing 2 Introduction Getting Started Guide 2 About GFI EndPointSecurity 2 1 Introduction This chapter provides you with the following information The key features and components of GFI EndPointSecurity How GFI EndPointSecurity works The device categories and connectivity ports supported by GFI EndPointSecurity 2 2 Key features GFI EndPointSecurity offers the following main features Group based protection control In GFI EndPointSecurity you can configure and place computers into groups that ar
19. aunched again From the File menu Power Users Users Groups Database Finalize Finish Screenshot 3 GFI EndPointSecurity Quick Start wizard Start step Step 1 Configuring automatic discovery GFI EndPointSecurity provides you with the facility to search for newly connected computers to the network at configured scheduled times through the auto discovery feature In addition you can also instruct the agent deployment feature to assign the default protection policy to the newly discovered computers By default the Enable Auto Discovery checkbox is enabled the auto discovery settings are set to scan the Current domain workgroup the install agents settings are set to assign the General Control protection policy shipping default protection policy on to the newly discovered computers Getting Started Guide Getting Started 13 Quick Start Quick Start m Follow these steps to get the GFI EndPointSecurity up and running GFIEndP ointSecurity Start Select to enable auto discovery EndPointSecurity will scan the network For Start unprotected computers and will execute the specified actions for each of them Configuration Suto Discovery Power Users Discovery area Current domainfworkgroup Enable Auto Discovery Users Groups Database _ Install agents on discovered computers Finalize Default protection policy General Control Finish Logon user TCDOM GTN 4 administrator Auto discovery settings Tell m
20. ble or disable Send alert and click OK 9 Click Next Step 2 Configuring power users GFI EndPointSecurity provides you with the facility to specify users as power users Power Users are automatically given full access to devices connected to any target computer covered by the protection policy You can define sets of power users for any protection policy By default the Set EndPointSecurity Power Users checkbox is enabled the system s Administrators group is set as a GFI EndPointSecurity Power User in the General Control protection policy shipping default protection policy Getting Started Guide Getting Started 17 Quick Start Quick Start En Follow these steps to get the GFI EndPointSecurity up and running GFIEndP ointSecurity Start Select to add EndPointSecurity Power Users to the default protection policy All Start specified users will have access to any connected removable devices Configuration Auto Discovery Set EndPointSecurity Power Users Power Users Users Groups Default protection policy General Control Power Users Administrators Database Finalize Select Power Users Finish Tell me more Screenshot 8 GFI EndPointSecurity Quick Start wizard Power Users step To configure the Power Users feature 1 Enable or disable the Set EndPointSecurity Power Users checkbox 2 Click Select Power Users to customize the list of power users 18 Getting Started Getting Started Guide
21. dPointSecurity management console Through the GFI EndPointSecurity management console you can Create and manage protection policies and specify which device categories and connectivity ports are to be controlled Remotely deploy protection policies and agents on to your target computers Grant temporary access to target computers to use specific devices View the device protection status of every computer that is being monitored 4 About GFI EndPointSecurity Getting Started Guide Carry out scans on target computers to identify devices currently or previously connected Check logs and analyze what devices have been connected to every network computer Keeps track of which computers have an agent deployed and which agents need to be updated GFI EndPointSecurity agent The GFI EndPointSecurity agent is a client side service responsible for the implementation of the protection policies on the target computer s This service is automatically installed on the remote network target computer after the first deployment of the relevant protection policy through the GFI EndPointSecurity management console Upon the next deployments of the same protection policy the agent will be updated and not re installed 2 4 How GFI EndPointSecurity works Deployment and monitoring GFI EndPointSecurity protection policy deployment and monitoring operations can be divided in four logical stages Administrator uses GFI EndPointSec
22. e governed by one protection policy This allows you to configure a single protection policy and apply it to all the computers that are members of that group Granular access control GFI EndPointSecurity enables you to allow or deny access to a specific device as well as to assign where applicable full or read only privileges over every supported device e g CD DVD drives PDAs on a user by user basis Scheduled deployment GFI EndPointSecurity allows you to schedule the deployment of protection policies and any related configuration changes without the need to keep to the GFI EndPointSecurity management console open The deployment feature also handles failed deployments through automatic rescheduling Access control Apart from blocking a range of device categories GFI EndPointSecurity also allows blocking By file type for example allow the user to read doc files but block access to all exe files By physical port all devices connected to particular physical ports for example all devices connected to USB ports By device ID block access to a single device based on the unique Hardware ID of the device E In Microsoft Windows 7 a feature called BitLocker To Go can be used to protect and encrypt data on removable devices GFI EndPointSecurity performs checks on real file types encrypted with Windows 7 BitLocker To Go Device whitelist and blacklist The administrator can define a list of specific de
23. e more Screenshot 4 GFI EndPointSecurity Quick Start wizard Auto Discovery step To configure the Auto Discovery feature 1 Enable or disable the Enable Auto Discovery and Install agents on discovered computers checkboxes 2 Click the Auto discovery settings hyperlink to configure the auto discovery settings 14 Getting Started Getting Started Guide Auto Discovery Auto Discovery Discovery Area Actions 2 Enable automatic discovery to detect computers newly connected to the network Start discovery now Enable automatic discovery to detect computers newly connected to the network Schedule Start discovery at April 05 2010 06 40 FM Hourly Hecur every week s on Daily Sunday Monday Weekly Tuesday _ Wednesday Monthly _ Thursday Friday Saturday Screenshot 5 Auto Discovery options 3 In the Auto Discovery dialog select the Auto Discovery tab and enable or disable the Enable automatic discovery to detect computers newly connected to the network checkbox 4 In the Schedule section select the start date and set frequency of the searches from Hourly Daily Weekly or Monthly Getting Started Guide Getting Started 15 Auto Discovery Auto Discovery Discovery Area Actions 2 Select the area from where the new computers hawe to be i discovered Cur
24. eb Forum User to user technical support is available via the web forum The forum can be found at http forums gfi com 7 5 Request technical support If you have referred to this manual and our Knowledge Base articles and you still cannot solve issues with the software contact the GFI Technical Support team by filling in an online support request form or by phone Online Fill out the support request form from http support gfi com supportrequestform asp Phone To obtain the correct technical support phone number for your region please visit http www gfi com company contact htm Before you contact our Technical Support team please have your Customer ID available Your Customer ID is the online account number that is assigned to you when you first register your license keys in our Customer Area at http customers gfi com We will answer your query within 24 hours or less depending on your time zone 7 6 Build notifications We strongly suggest that you subscribe to our build notifications list This way you will be immediately notified about new product builds To subscribe to our build notifications visit http www gfi com pages productmailing htm 7 7 Documentation If this manual does not satisfy your expectations or if you think that this documentation can be improved in any way let us know via email on documentation gfi com Getting Started Guide Troubleshooting 37 8 Glossary Access permission
25. eement If you agree to the terms laid out in the agreement select accept the license agreement and click Next ig GFI EndPointSecurity Setup Saks User Account Information Please enter requested data The GFI EndPomtSecurity Serice listens for important events generated by protection agents and logs them to a central database tis recommended to run the service under a domain administrator account Set up the GFI EndPointSecunty Service to run under Account iT LCOOMAIM A administrator Password NOTE Specify the user name in the format DOMAIN adm n ztrator Screenshot 1 GFI EndPointSecurity installation domain administrator account setup 5 Key in the logon credentials of an account with administrative privileges and click Next to continue Getting Started Guide Installing GFI EndPointSecurity 77 ig GFI EndPointSecurity Setup Seles License Key Enter the following information to personalize your installation wy Please enter your name company and license key IF pou do not have a license key you can use GFI EndPointSecunty as an evaluation version for the first 10 days Full Hame AdminGFl Company myCompany License Kep Screenshot 2 GFI EndPointSecurity installation license key details 6 Key in the Full Name and Company If you have a license key update the License Key details and click Next z The license key can be keyed in after installation or expiration of the evaluation period of G
26. eps to get the SFI EndPointSecurity up and running GFIEndP ointSecurity Start Select which server will be used to host the EndPoinkSecurity database Scart O Don t configure the database at this time Configuration O Use an already installed SQL Server instance Select this option if you would like to use an SQL Server that is already installed The SQL Server can be either on this computer or on a separate Users Groups server on the network Suto Discovery Power Users Database Install a local instance of SQL Server Express Edition Finalize Select this option if an SOL Server is not available for use by SFI Finish EndPointSecurity SQL Server Express Edition will be automatically downloaded and an instance installed on this computer A Database will be created for EndPointSecurity to store the device access data SOL Instance Name SOLEsPRESS Database Mame EndPointSecurity4s Advanced database settings Tell me more Screenshot 12 GFI EndPointSecurity Quick Start wizard Database step To configure the Database feature 1 Select the server or instance which will host the GFI EndPointSecurity database For Use an already installed SQL Server instance and Install a local instance of SQL Server Express Edition click the Advanced database settings hyperlink Getting Started Guide Getting Started 21 Database Backend Settings Current database settings z Server WIM 2 E SSL us Database Esec User sa New
27. figuration of the Quick Start wizard allows you to fine tune GFI EndPointSecurity to suit your company s needs which may not match the pre test settings required by this test As a result some GFI EndPointSecurity configuration settings need to be set as indicated below for this test to succeed the local computer is listed in the Status Agents view z3 the shipping default protection policy is deployed on the local computer and is up to date To verify check in the Status Agents view that If the local computer is not listed then manually include it within the computers list For more information refer to the GFI EndPointSecurity Administration and Configuration Manual the protection policy is set to General Control the deployment is Up to date the local computer is Online If the deployment of the agent on to the local computer is not up to date then manually deploy the agent on to it For more information refer to the GFI EndPointSecurity Administration and Configuration Manual z3 the user account with no administrative privileges is not set as a power user in the General Control protection policy shipping default protection policy Getting Started Guide Testing GFI EndPointSecurity 25 E If the user account is set as a power user then manually remove it from the power users group of the General Control protection policy shipping default protection policy For more information refer to the GF
28. files on the target computer at windir EndPointSecurity Please use the Troubleshooter Wizard to contact the GFI Technical Support team To open the Troubleshooter Wizard navigate to Start gt Programs gt GFI EndPointSecurity 4 3 gt GFI EndPointSecurity 4 3 Troubleshooter Getting Started Guide Index A access permissions 32 Active Directory 4 19 32 Active Directory domain environment 19 alert recipients 32 alerts 32 alerts administrator account 32 automatic discovery 13 32 B BitLocker To Go 3 32 Build notifications 31 C Common Issues 31 connectivity port 32 Create Protection Policy wizard 32 D database backend 21 32 deployment error messages 32 35 device blacklist 3 32 device category 32 Device Scan 32 device whitelist 3 32 digest report 32 E event logging 32 F file type filters 32 G GFI EndPointSecurity agent 5 32 application 32 management console 4 32 Temporary Access tool 7 32 version 3 10 Getting Started Guide GFI EndPointSecurity Administration and Configuration Manual 2 GFI LANguard Portable Storage Control 10 global permissions 32 Glossary 32 GPO Group Policy Objects 33 H How GFI EndPointSecurity works deployment and monitoring 5 device access 6 temporary access 7 Human Interface Devices 33 installing GFI EndPointSecurity 11 K Knowledge Base 31 L licensing 2 29 M msi fi
29. he implementation enforcement of the protection policies on the target computer s A server side security application that aids in maintaining data integrity by preventing unauthorized access and transfer of content to and from devices and connection ports The user interface of the GFI EndPointSecurity server side application A tool which is available on the target computers It is used by the user to generate a request code and later to enter the unlock code in order to activate the temporary access once it is granted by the administrator Upon activation the user will have access to devices and connection ports when such access is normally blocked on his protected target computer for the specified duration and time window A Create Protection Policy wizard step that prompts the user to either block or else to allow access to all devices falling in a category or which are connected to a port of the target computers covered by the protection policy Getting Started Guide GPO Group Policy Objects Human Interface Devices MSI file Power user Protection policy Quick Start wizard Security encryption Target computer Temporary access User message Getting Started Guide See Group Policy Objects An Active Directory centralized management and configuration system that controls what users can and cannot do on a computer network A specification that is part of the universal serial bus USB standard for a cla
30. ion 1 1 1 About portable media device threats 2222ssessenesessenennenenennenenn 1 1 2 GFI EndPointSecurity the SOlUtion ccc cee cee c cee ceeceeceeeceeceees 1 Ted USING Mis Mandl nee een 2 1 4 Terms used in this manual cece cece eee cee cececeeececceeceseceeceees 2 1 5 GFI EndPointSecurity licensing cece cee c ces cecccecceccesceeccescesceess 2 2 About GFI EndPointSecurity 3 2 1 ION ee ee een 3 22 VOY Tea ea eher 3 2 3 Components of GFI EndPointSecurity cece ccc e cece cence eccecceecees 4 2 4 How GFI EndPointSecurity works Deployment and monitoring 5 2 5 How GFI EndPointSecurity works Device ACCESS cee ceeceeceeeceecees 6 2 6 How GFI EndPointSecurity works Temporary ACCESS ceeceeeceecees 7 2 7 Supported device CateQOLieS ccccceccecceccceccecceeceeccecceeceecceecees 7 2 8 Supported connectivity ports cccec cee cceccesceecceccescesceeccesceecees 8 3 Installing GFI EndPointSecurity 9 Bel MOTU CON eere EE E E E E A wae 9 3 2 System requirements ssessssessosessoessoseseoceeecoessosessoeeesoeeeseeseoe 9 3 3 Upgrading from earlier versionS essssseesceescsescesscresceesoreceesoeeo 10 3 4 Installing GFI EndPointSecurity sesssesseesoeesessceesoessoeescesceesoee 11 4 Getting Started 13 al NEO CO ee es re rer e 13 4 2 Using the Quick Start wizard cece cece cece cece eee eeeceeceeceeeeseceecees 13 4 3
31. le 4 33 35 36 N navigating the Management console 23 P power users 17 33 protection policy 33 Q Quick Start wizard 13 33 S security encryption 33 supported connectivity ports 8 supported device categories 7 system requirements 9 hardware 9 10 software 9 10 Index 37 T target computer 33 Technical Support 31 temporary access 33 testing installation 25 Troubleshooter wizard 36 Troubleshooting 31 U user messages 33 users groups 19 V versions 38 Index checking for newer versions 29 upgrading from earlier versions 10 W Web Forum 31 wizard Create Protection Policy wizard 32 Quick Start wizard 13 33 Troubleshooter wizard 36 workgroup environment 19 Getting Started Guide USA CANADA CENTRAL AND SOUTH AMERICA 15300 Weston Parkway Suite 104 Cary NC 27513 USA Telephone 1 888 243 4329 Fax 1 919 379 3402 Email ussales gfi com UK AND REPUBLIC OF IRELAND Magna House 18 32 London Road Staines Middlesex TW18 4BP UK Telephone 44 0 870 770 5370 Fax 44 0 870 770 5377 Email sales gfi co uk EUROPE MIDDLE EAST AND AFRICA GFI House San Andrea Street San Gwann SGN 1612 Malta Telephone 356 2205 2000 Fax 356 2138 2419 Email sales gfi com AUSTRALIA AND NEW ZEALAND 83 King William Road Unley 5061 South Australia Telephone 61 8 8273 3000 Fax 61 8 8273 3099 Email sales gfiap com
32. n and Configuration Manual 3 Delete the CD DVD device access permissions to the user if it was not assigned CD DVD device access permissions prior to this test For more information refer to the GFI EndPointSecurity Administration and Configuration Manual 28 Testing GFI EndPointSecurity Getting Started Guide 6 Miscellaneous 6 1 Introduction The miscellaneous chapter gathers all the other information that falls outside the initial configuration of GFI EndPointSecurity 6 2 Entering your license key after installation After installing GFI EndPointSecurity you can enter your license key without re installing or re configuring the application To enter your license key 1 Click on the General tab 2 From the left pane select Licensing License Key Enter the license key for GFI EndPointSecunty below IF you are evaluating the product do not enter 4 license key License key Screenshot 20 Editing license key 3 From the right pane click Edit 4 In the License Key text box key in the license key provided by GFI Software Ltd 5 Click OK to apply the license key 6 3 Checking for newer GFI EndPointSecurity versions GFI Software Ltd releases product updates which can be manually or automatically downloaded from the GFI website To check if a newer version of GFI EndPointSecurity is available for download 1 Click on the General tab 2 From the left pane select Version Information 3 From the righ
33. nd Computers Active Directory domain environment or Computer Management workgroup environment without having to specify user permissions within the relevant policies and then deploy the updates through GFI EndPointSecurity By default the Configure Users Groups checkbox is enabled the created Active Directory domain groups local system groups are added to the General Control protection policy shipping default protection policy Getting Started Guide Getting Started 19 Quick Start Quick Start n Follow these steps to get the GFI EndPointSecurity up and running GFIEndP ointSecurity Start Create localfdomain user groups for device categories and connectivity ports The Start created groups will be added to the default protection policy To allow a user acces to removable devices simply add the user to the corresponding localfdomain Configuration group Uto Discovery Power Users Configure Users Groups Users Groups Database Finalize Select which Users Groups to create Finish Default protection policy General Control Tell me more Screenshot 10 GFI EndPointSecurity Quick Start wizard Users Groups step To configure the Users Groups feature 1 Enable or disable the Configure Users Groups checkbox 2 Click the Select which Users Groups to create hyperlink to configure which devices and ports will be controlled by a specific protection policy Configure Users Groups GFIEndPointSecurity
34. ntSecurity agent is automatically installed on the remote network target computer Upon the next deployments of the same protection policy the agent will be updated and not re installed Stage 4 Monitor device access When agents have been deployed the administrator can monitor all device access attempts via the GFI EndPointSecurity management console receive alerts and generate reports through the GFI EndPointSecurity ReportPack 2 5 How GFI EndPointSecurity works Device access GFI EndPointSecurity device access operations can be divided in three logical stages O 0 attaches device Device usage blocked amp Error message Yes Device _ Blacklisted Device whitellsted Device Port permission Po Printers Device usage allowed File type allowed Figure 2 Device access Stage 1 Device attached to computer The user attaches a device to a target computer protected by GFI EndPointSecurity Stage 2 Protection policy enforcement The GFI EndPointSecurity agent installed on the target computer detects the attached device and goes through the protection policy rules 6 About GFI EndPointSecurity Getting Started Guide applicable to the computer user This operation determines whether the device is allowed or blocked from being accessed Stage 3
35. on and configuration of new protection policies Configuration settings include the selection of device categories and ports to be controlled and whether to block or allow all access to them This wizard also allows the configuration of file type based filters encryption permissions as well as logging and alerting options A database used by GFI EndPointSecurity to keep an audit trail of all events generated by GFI EndPointSecurity agents deployed on target computers Errors that can be encountered upon deployment of GFI EndPointSecurity agents from the GFI EndPointSecurity management console A list of specific devices whose usage is blocked when accessed from all the target computers covered by the protection policy A group of peripherals organized in a category A GFI EndPointSecurity feature to search for all devices that are or have been connected to the scanned target computers A list of specific devices whose usage is allowed when accessed from all the target computers covered by the protection policy A summary report giving an account of the activity statistics as detected by GFI EndPointSecurity A feature to record events related to attempts made to access devices and connection ports on target computers and service operations A set of restrictions that are assigned to users and groups per file type Filtering is based on file extension checks and real file type signature checks A client side service responsible for t
36. ork 2 0 or higher TCP port 1116 default required by the GFI EndPointSecurity agents to notify the GFI EndPointSecurity management console about their statuses and send device access events Without this port open to receive events the administrator will have to either manually monitor the events in the Event Viewer of each target computer or use GFI EventsManager to automatically collect and monitor events from the target computers on the server For more information about GFI EventsManager refer to the GFI website at http www gfi com eventsmanager Microsoft SQL Server 2000 2005 or 2008 as the backend database Ensure that your firewall settings enable communications between all the target computers where the GFI EndPointSecurity agents are installed and the GFI EndPointSecurity server Getting Started Guide Installing GFI EndPointSecurity 9 E A database backend is required for storing device access data and for reporting purposes GFI EndPointSecurity provides the option to either use an available Microsoft SQL Server or else to automatically download and install Microsoft SQL Server 2005 Express on the same computer where GFI EndPointSecurity management console is installed 3 2 3 Agent Hardware requirements Processor 1GHz processor clock speed or better RAM 256 MB minimum 512 MB recommended Hard Disk 50 MB of available space 3 2 4 Agent Software requirements Supported operating systems GFI EndPointSecurity
37. ow A message that is displayed by GFI EndPointSecurity agents on target computers when devices are accessed Glossary 33 9 Appendix 1 Deployment error messages 9 1 Introduction This section provides a list of errors that can be encountered when deploying agents or protection policies possible causes for these errors and possible solutions The deployment status can be accessed from the GFI EndPointSecurity management console by navigating to Status gt Deployment gt Deployment History 9 2 3 Deployment error messages In the following table some error messages are in the format GFI EndPointSecurity error system error The errors within the parenthesis are reported by the system and may vary according to the cause of the error Message Possible causes Possible solutions ee iS GFI EndPointSecurity management console If a target computer is offline the deployment of the relevant policy is rescheduled for an hour later GFI EndPointSecurity keeps trying to offline pings the target deploy that policy every hour until the target computer is back computer at online deployment to Ensure that the target computer is switched on and connected to the determine whether it is network online and if not this message is displayed Failed to GFI EndPointSecurity Ensure that your firewall settings enable communication between the connect to was not able to extract target computers and the GFI EndPointSecurity serve
38. r the remote data from the registry registry of the target computer error Failed to GFI EndPointSecurity For more details about the cause of the error and a possible solution gather was not able to extract refer to the system error message within the parenthesis required version related data information from the target error computer Operating System version and GFI EndPointSecurity agent version Failed to GFI EndPointSecurity For more details about the cause of the error and a possible solution build the was not able to add the refer to the system error message within the parenthesis required necessary configuration installation files within the files error deployment file msi installation file of the GFI EndPointSecurity agent This error occurs before the deployment file is copied onto the target computer Getting Started Guide Appendix 1 Deployment error messages 35 Message Possible causes Possible solutions Failed to copy the files to the remote computer error Timeout Failed to install the deployment service error Installation failed Un installation failed The operation failed due to an unknown exception 36 Appendix 1 GFI EndPointSecurity was not able to copy the deployment file msi installation file onto the target computer A possible cause can be that the administrative share CS that GFI EndPointSecurity is using to connect to the target
39. rent domainwork group The following domains workgroups Entire network except Domain york Group Add Edit Remove Screenshot 6 Discovery Area options 5 Select the Discovery Area tab and select the area to be covered by the discovery feature For The following domains workgroups and Entire network except click Add and key in the Domain workgroup name 16 Getting Started Getting Started Guide Auto Discovery Auto Discovery Discovery Area Actions 2 Specity the actions that should be performed on the discovered computers and the default policy to be used Install agents on discovered computers Use the security context under which the GFI EndPointS ecurity eICe IS running Use the logon credentials specified below PT EEE Use a default policy General Control wt Send alert Screenshot 7 Actions options 6 Select the Actions tab and enable or disable Install agents on discovered computers If enabled click Yes to confirm the enabling of the Automatic Protection feature Select the logon credentials that GFI EndPointSecurity requires to physically log on to the target computer s By default GFI EndPointSecurity is configured to use the logon credentials of the currently logged on user account from which GFI EndPointSecurity application is running 7 Select the protection policy from the drop down list to be automatically applied to newly discovered target computers 8 Ena
40. rporate hardware Make personal copies of company data and intellectual property Get distracted during work hours In an attempt to control these threats organizations have started to prohibit the use of personally owned portable devices at work Best practice dictates that you must never rely on voluntary compliance and the best way to ensure complete control over portable devices is by putting technological barriers 1 2 GFI EndPointSecurity the solution GFI EndPointSecurity is the security solution that helps you maintain data integrity by preventing unauthorized access and transfer of content to and from the following devices or connection ports USB Ports e g Flash and Memory card readers pen drives Firewire ports e g digital cameras Firewire card readers Wireless data connections e g Bluetooth and Infrared dongles Floppy disk drives internal and external Optical drives e g CD DVD Magneto Optical drives internal and external Removable USB hard disk drives Other drives such as Zip drives and tape drives internal and external Through its technology GFI EndPointSecurity enables you to allow or deny access and to assign full or read only privileges to Devices e g CD DVD drives PDAs Local or Active Directory users user groups With GFI EndPointSecurity you can also record the activity of all devices or connection ports being used on your target compute
41. rs including the date time of usage and by whom the devices were used Getting Started Guide Introduction 1 1 3 Using this manual This user manual is a comprehensive guide aimed at assisting you in installing and testing GFI EndPointSecurity It describes how to use and configure GFI EndPointSecurity to achieve the best possible corporate security This manual contains the following chapters Chapter 1 Introduction Introduces this manual Chapter 2 About GFI EndPointSecurity Provides basic information on GFI EndPointSecurity and how it works Chapter 3 Installing GFI EndPointSecurity Provides information on system requirements and how to install the GFI EndPointSecurity Chapter 4 Getting Started Provides information on how to configure the installation of GFI EndPointSecurity using the Quick Start wizard Chapter 5 Testing GFI EndPointSecurity Provides information on how to test your GFI EndPointSecurity installation Chapter 6 Miscellaneous Provides information on licensing and versioning Chapter 7 Troubleshooting Provides all the necessary information on how to deal with any problems encountered while using GFI EndPointSecurity Also provides extensive support information Chapter 8 Glossary Defines technical terms used within GFI EndPointSecurity Chapter 9 Appendix 1 Deployment error messages Provides a list of errors displayed during deployment of agents from the management console Administration and Configur
42. s Active Directory Alert recipient Alerts Alerts administrator account Automatic discovery BitLocker To Go Connectivity port Create Protection Policy wizard Database backend Deployment error messages Device blacklist Device category Device scan Device whitelist Digest report Event logging File type filters GFI EndPointSecurity agent GFI EndPointSecurity application GFI EndPointSecurity management console GFI EndPointSecurity Temporary Access tool Global permissions 32 Glossary A set of permissions access read and write that are assigned to users and groups per device category connectivity port or a specific device A technology that provides a variety of network services including LDAP like directory services A GFI EndPointSecurity profile account to hold the contact details of users intended to receive e mail alerts network messages and SMS messages A set of notifications e mail alerts network messages or SMS messages that are sent to alert recipients when particular events are generated An alert recipient account that is automatically created by GFI EndPointSecurity upon installation A GFI EndPointSecurity feature to search and discover computers that were newly connected to the network at configured scheduled times A Microsoft Windows 7 feature to protect and encrypt data on removable devices An interface between computers and devices A wizard to guide you in the creati
43. ss of peripheral devices These devices such as a mice keyboards and joysticks enable users to input data or to interact directly with the computer A file generated by GFI EndPointSecurity for later deployment using GPO or other deployment options It can be generated for any protection policy and contains all the relevant configured security settings including installation settings for unprotected target computers A power users is automatically given full access to devices connected to any target computer covered by the protection policy A set of device access and connectivity port permissions that can be configured to suit your company s device access security policies A wizard to guide you in the configuration of GFI EndPointSecurity with custom settings It is launched upon the initial launch of GFI EndPointSecurity management console and is intended for first time use A set of restrictions configured to either block or else to allow users groups to access specific file types stored on devices that are encrypted with BitLocker To Go These restrictions are applied when the encrypted devices are connected to the target computers covered by the protection policy A computer that is protected by a GFI EndPointSecurity protection policy A period of time during which users are allowed to access devices and connection ports when such access is normally blocked on protected target computers for a specified duration and time wind
44. t pane click Check for newer version hyperlink to manually check if a newer version of GFI EndPointSecurity is available Alternatively enable the Check for newer version at startup checkbox to automatically check if a newer version of GFI EndPointSecurity is available for download every time GFI EndPointSecurity is launched Getting Started Guide Miscellaneous 29 7 Troubleshooting 7 1 Introduction The troubleshooting chapter explains how you should go about resolving any software issues that you might encounter The main sources of information available to users are The manual most issues can be solved by reading this manual GFI Knowledge Base articles Web forum Contacting the GFI Technical Support 7 2 Common Issues Issue encountered Solution Errors are displayed within the For more information about error messages possible causes and possible Status gt Deployment solutions refer to the Appendix 1 Deployment error messages chapter Deployment History section upon in this manual deployment of GFI EndPointSecurity agents from the GFI EndPointSecurity management console 7 3 Knowledge Base GFI maintains a Knowledge Base which includes answers to the most common problems If you have a problem please consult the Knowledge Base first The Knowledge Base always has the most up to date listing of technical support questions and patches To access the Knowledge Base visit http kbase gfi com 7 4 W
45. tected by a user configurable password This means that any other GFI EndPointSecurity instances will not have access to the agent management options Device discovery The GFI EndPointSecurity engine can be used to scan and detect the presence of devices on the network even on computers that are not assigned any protection policy The information gathered about detected devices can then be used to build security policies and assign access rights for specific devices Logs browser An in built tool allows the administrator to browse logs of user activity and device usage that is detected by GFI EndPointSecurity Alerting GFI EndPointSecurity allows you to configure e mail alerts network messages and SMS messages that can be sent to specified recipients when devices are connected or disconnected when device access is allowed or blocked and upon service generated events Custom messages When users are blocked from using devices they are shown popup messages explaining the reasons why the device was blocked GFI EndPointSecurity allows the customization of these messages Database maintenance To maintain the size of the database backend GFI EndPointSecurity can be set to backup or delete events older than a custom number of hours or days 2 3 Components of GFI EndPointSecurity When you install GFI EndPointSecurity the following components are set up GFI EndPointSecurity management console GFI EndPointSecurity agent GFI En
46. ty Activity tab provides a viewer to quickly access en events gathered from the protected computers inis The status dashboard shows the current status of GFI EndPointSecurity general status of the protected computers and statistics The Tools section contains the Device Scanner that can be used to detect removable devices on the computers across the network Screenshot 14 GFI EndPointSecurity Quick Start wizard Finish step 6 Upon wizard completion review the guidelines page 7 Click Finish to complete the wizard 4 3 Navigating the GFI EndPointSecurity management console GFI EndPointSecurity management console provides you with all the administrative functionality to monitor and manage device access usage Getting Started Guide Getting Started 23 GFI EndPointSecurity 4 3 AHA Fie Configure Help Discuss this version 1 Status Activity Configuration Tools Reporting General 7 Computers Tal Protection Policies lt Options Computer groups A Computers Ks All computers Computers that can be controlled Name Description Group Folicy Up To Date Last Update Deployment sc EXPO General Control Yes 37247 2010 5 01 49 PM Ea Pod General Control Yes 3242010 5 01 50 FM Common tasks Actions Deploy now Schedule deployment Assign policy Move to another group Set logon credentials Set description Date Time Messages 3 24 2010 5 01 50 FM Agent configuration updated on computer
47. uide 3 3 1 Installing GFI EndPointSecurity Introduction This chapter provides you with the following information 3 2 The system requirements of GFI EndPointSecurity How to upgrade from GFI EndPointSecurity 3 or later and from GFI LANguard Portable Storage Control How to install GFI EndPointSecurity System requirements The following are the system requirements to install GFI EndPointSecurity 3 2 1 3 2 2 Hardware requirements Processor 2GHz processor clock speed or better RAM 512 MB minimum 1 GB recommended Hard disk 100 MB of available space further disk space is required for the database backend Software requirements Supported operating systems GFI EndPointSecurity can be installed on the following operating systems x86 or x64 Microsoft Windows Server 2008 R2 x64 Standard or Enterprise edition Microsoft Windows Server 2008 Standard or Enterprise edition Microsoft Windows Small Business Server 2008 Standard edition Microsoft Windows Server 2003 Standard Enterprise or Web edition Microsoft Windows Small Business Server 2003 Microsoft Windows 7 Professional Enterprise or Ultimate edition Microsoft Windows Vista Enterprise Business or Ultimate edition Microsoft Windows XP Professional Other components z Microsoft Internet Explorer 5 5 or higher Microsoft NET Framew
48. unity management console oO Configure computers Deploy protection u policy Configure computers to be protected Configure credentials O Customize protection policy Configure access connectivity port permissions usage permissions Configure power users Configure event logging and notifications blacklist whitelist filtars Monitor device usage activity Configure device Configure device Configure filetype Statistics view Device Scan i Figure 1 Protection policy deployment and monitoring Getting Started Guide About GFI EndPointSecurity 5 Stage 1 Configure computers The administrator specifies which protection policy is assigned to which computers and the log on credentials to be used by GFI EndPointSecurity to access the target computers and deploy the agents Stage 2 Customize protection policy The administrator can customize a protection policy before or after deploying it Customization options include the creation of power users addition of blacklisted whitelisted devices and device access permissions Stage 3 Deploy protection policy The administrator deploys the protection policy Upon the first deployment of a protection policy a GFI EndPoi
49. vices that are permanently allowed and others that are permanently banned Power users The administrator can specify users or groups who would always have full access to devices that are otherwise blocked by GFI EndPointSecurity Temporary access The administrator is able to grant temporary access to a device or group of devices on a particular computer This feature allows the administrator to generate an unlock code that the end user can use to obtain a time limited access to a particular device or port even when the GFI EndPointSecurity agent is not connected to the network Getting Started Guide About GFI EndPointSecurity 3 Status dashboard The dashboard s user interface shows the statuses of live and deployed agents database and alerting servers the GFI EndPointSecurity service as well as statistical data with charts The main application keeps track of the live agent status by communicating with its deployed agents Maintenance tasks are performed automatically once an agent goes online Active Directory deployment through MSI From the GFI EndPointSecurity management console it is possible to generate MSI files that can be later deployed using the Group Policy Object GPO feature within the Active Directory or other deployment options An MSI file will contain all the security settings configured in a particular protection policy Agent management password Agent management functions such as update and un install are pro
Download Pdf Manuals
Related Search