written by: Steve Mallard•edited by: Bill Bunter•updated: 5/7/2010
No matter how you educate your users, it seems you are always challenged by a user wanting to download software to their workstation. Regardless of your type of business, Faronics Anti-Executable is an excellent software in your arsenal of protection software.
slide 1 of 9
Google’s Chrome was released this past summer and immediately became an administrator’s nightmare.With basic users being able to download and add programs as ‘users’ on computers, administrators have been in a silent war with end users.With the ability to load executables, it is not just the logistical nightmare for administrators; it is the dangers of malicious software.Often users don’t understand the problems they cause for system administrators. Faronics has a solution to this problem: Anti-Executable.
slide 2 of 9
The installation of Faronics Anti-Executable was easy and straightforward.During the installation, the setup program requests a password for any executable to run.This password is strictly for the administrator of your organization and is used when creating white listed items. With this type of installation, it doesn't take a system administrator from an Information Technology Department to install this software. This software has dozens of features that are easy to install and is easy to operate. This software is perfect for educational departments under a tight budget and with few IT staff members. The ROI (Return of Investment) is easily seen. With software that installs easy and prevents programs from being downloaded, administrative overhead is kept to a minimum.
slide 3 of 9
Testing was performed under a ‘test’ user account with no rights. This ensured the software was used properly under a typical user account.
With Google’s Chrome (Beta), typical users can often download executables without any user prompt. After downloading Google’s Chrome under the administrator account, I logged out and logged in to the ‘test’ account.I was immediately greeted with Faronics stopping executables from running.These prompts were asking for the administrator to set a rule to run the individual programs once or for the programs to be whitelisted.Having loaded a batch file in the startup group, this small program was stopped by Faronics to get approval.Excellent job by Faronics.Stopping a non 32 bit batch file is to be commended. Creating these white list for the user is a one time setup.
With Google’s Chrome, an exploit such as the one below will normally run.By running an executable from a web browser, malicious software can infect a computer or allow a standard user to execute a file that would unnerve an administrator.
slide 4 of 9
slide 5 of 9
With the recent release of Faronics Anti Executable 3.3, the features are improved to include - Anti-Executable Maintenance Mode which will temporarily disable the Anti-Executable software while software updates for the operating system, applications or even new software is installed. Anti Executable will then look at these new programs and applications making white listing easier than ever.
slide 6 of 9
Another good example is normally, a typical user may be able to execute malicious Java executables.Being a researcher, I keep programs that can normally be deemed dangerous.I deliberately put a java executable within a webpage on my test server and tried to access the page so the executable would execute and load.Faronics once again performed flawlessly and above reproach stopping the file from executing. Excellent!
slide 7 of 9
Faronics can automatically create a workstation’s white list, examining programs that are considered safe to run.The administrator can import the white list as necessary or choose to use multiple white lists.After looking at the loading and checking the program, I was able to look at Faronics' excellent log for any unauthorized installation attempts.This is an awesome feature that lets you know who is trying to install programs.
A recent article I published gave details on group policies in Active Directory that could help to prevent the running of programs.This form of enforcement can be complex and hard to setup.Faronics makes your life easy as an administrator.You can use this top notch software as a compliment to the aforesaid Active Directory policy.
slide 8 of 9
Overview and Features in Version 3.3
No matter how you educate your users, it seems you are always challenged by a user wanting to download software to their workstation. Regardless of your type of business, Faronics Anti Executable is an excellent program in your arsenal of protection software.
With the recent release of Faronics Anti Executable 3.3, the features are improved to include -
Anti-Executable Maintenance Mode which will temporarily disable the Anti-Executable software while software updates for the operating system, applications or even new software is installed. Anti Executable will then look at these new programs and applications making whitelisting easier than ever.
Automatic whitelisting is now available making maintenance easier. The system admin only needs to check a box and have Anti Executable scan for changes.
Anti Executable now supports Microsoft Windows Server 2008 in both a 32 bit and 64 bit environment. This support for cutting edge operating systems should be commended. Now with Active Task Compliance, workstations that are not available will hold their new settings.