Review of Faronics Anti-Executable

Google’s Chrome was released this past summer and immediately became an administrator’s nightmare. With basic users being able to download and add programs as ‘users’ on computers, administrators have been in a silent war with end users. With the ability to load executables, it is not just the logistical nightmare for administrators; it is the dangers of malicious software. Often users don’t understand the problems they cause for system administrators.

The installation of Faronics Anti-Executable was easy and straightforward. During the installation, the setup program requests a password for any executable to run. This password is strictly for the administrator of your organization and is used when creating white listed items. With this type of installation, it doesn't take a system administrator from an Information Technology Department to install this software. This software

has dozens of features that are easy to install and is easy to operate. This software is perfect for educational departments under a tight budget and with few IT staff members. The ROI (Return of Investment) is easily seen. With software that installs easy and prevents programs from being downloaded, administrative overhead is kept to a minimum.

Testing was performed under a ‘test’ user account with no rights. This ensured the software was used properly under a typical user account.

With Google’s Chrome (Beta), typical users can often download executables without any user prompt. After downloading Google’s Chrome under the administrator account, I logged out and logged in to the ‘test’ account. I was immediately greeted with Faronics stopping executables from running. These prompts were asking for the administrator to set a rule to run the individual programs once or for the programs to be whitelisted. Having loaded a batch file in the startup group, this small program was stopped by Faronics to get approval. Excellent job by Faronics. Stopping a non 32 bit batch file is to be commended. Creating these white list for the user is a one time setup.

With Google’s Chrome, an exploit such as the one below will normally run. By running an executable from a web browser, malicious software can infect a computer or allow a standard user to execute a file that would unnerve an administrator.

Another good example is normally, a typical user may be able to execute malicious Java executables. Being a researcher, I keep programs that can normally be deemed dangerous. I deliberately put a java executable within a webpage on my test server and tried to access the page so the executable would execute and load. Faronics once again performed flawlessly and above reproach stopping the file from executing. Excellent!

Faronics can automatically create a workstation’s white list, examining programs that are considered safe to run. The administrator can import white list as necessary or use multiple white lists. After looking at the loading and checking the program, I was able to look at Faronics' excellent log for any unauthorized installation attempts. This is an awesome feature that lets you know who is trying to install programs.

A recent article I published gave details on group policies in Active Directory that could help to prevent the running of programs. This form of enforcement can be complex and hard to setup. Faronics makes your life easy as an administrator. You can use this top notch software as a compliment to the aforesaid Active Directory policy.

No matter how you educate your users, it seems you are always challenged by a user wanting to download software to their workstation. Regardless of your type of business, Faronics Anti Executable is an excellent program in your arsenal of protection software.

digg

del.icio.us

StumbleUpon

reddit

Vendor website.