Anti Executable Standard Manual

8/3/2019 Anti Executable Standard Manual

1/19


2/19

Tis page intentionally le blank


3/19

AboutFaronics

Faronics Corporation develops and markets intelligent utilities or absolute control o multi-usercomputing environments. Faronics market-leading solutions have dramatically impacted the day-to-day lives o thousands o inormation technology proessionals and computing lab managers, ensuring100% availability o systems, thus signicantly reducing workstation maintenance, and increasing user

satisaction.

Faronics agship solution, Deep Freeze, protects over 5 million workstations worldwide. Our user-driven, powerul technology innovations benet educational institutions, libraries, governmentorganizations and corporations.

As a customer-centric organization, Faronics products are researched and developed in closeconsultation with our end-users. We value our customers ideas and suggestions, and depend on thiseedback to provide the innovative solutions our users have come to rely on. Tis approach is the basisor Faronics industry-leading customer service strategy, continually working to build and maintainlasting relationships with our users.

Incorporated in 1996, Faronics has two oces situated in the USA and Canada. An ambitious growthstrategy and global outlook has Faronics striving to reach new markets. Future diversication o Faronics

utilities will provide innovative and unique solutions, continuing to enhance user productivity.

TechnicalSupport

Every eort has been made to design this sofware or ease o use and to be problem ree. I problemsare encountered, contact echnical Support:

Email: [email protected]

Phone: 800-943-6422 or 604-637-3333

Hours: 7:00am to 5:00pm (Pacic ime)

ContactInformation

Web: www.aronics.com

Email: [email protected]

Phone: 800-943-6422 or 604-637-3333

Fax: 800-943-6488 or 604-637-8188

Hours: 7:00am to 5:00pm (Pacic ime)

Address: Faronics echnologies USA Inc.Suite 170 2411 Old Crow Canyon RoadSan Ramon, CA 94583USA

Faronics Corporation

620 - 609 Granville St.Vancouver, BC V7Y 1G5Canada

Last modied: February 2006

1999 2006 Faronics Corporation. All rights reserved. Deep Freeze, Faronics, Faronics Anti-Executable, Faronics System Profler,FreezeX, and WINSelect are trademarks and/or registered trademarks o Faronics Corporation. All other company and product namesare trademarks o their respective owners.


4/19

Tis page intentionally le blank


5/19

Contents

Faronics Anti-Executable Standard Overview ..................................................................................................6About Faronics Anti-Executable Standard ..................................................................................................................6System Requirements .....................................................................................................................................................6

Denition o erms ........................................................................................................................................................6Installing Anti-Executable ................................................................................................................................7

Logging in to Anti-Executable...........................................................................................................................8Password ..........................................................................................................................................................................8

Conguring and Managing Anti-Executable ....................................................................................................9General ab .....................................................................................................................................................................9Status ab .........................................................................................................................................................................9Conguration ab ........................................................................................................................................................10

Security Settings ......................................................................................................................................................10Other Security Settings Options ...........................................................................................................................10Message .....................................................................................................................................................................11Customizing the Message .......................................................................................................................................12

Exempted Folders ....................................................................................................................................................13rusted Applications ...............................................................................................................................................14

Password ab .................................................................................................................................................................15

Uninstalling Anti-Executable ...........................................................................................................................................16

Installing and Upgrading Applications on Anti-ExecutableProtected Workstations ...................................17

Appendix A: Anti-Executable and Tird-Party Antivirus Sofware ..............................................................18

Appendix B: Anti-Executable and Deep Freeze .............................................................................................19Installation o Deep Freeze and Anti-Executable .....................................................................................................19Permanent Sofware Installations, Changes, or Removals with Deep Freeze and Anti-Executable ..................19


6/19

FaronicsAnti-ExecutableStandardOverview

AboutFaronicsAnti-ExecutableStandard

Faronics Anti-Executable is a productivity tool that prevents any unauthorized programs rom

running, including viruses, keyloggers, and spyware. Powerul and secure, Anti-Executable ensuresthat any new executable, introduced to the workstation by any means, never runs or installs.

SystemRequirements

Anti-Executable Standard requires Windows 9X/Me/2000/XP, with Microsof Internet Explorerversion 5 or greater installed. Te hardware specications are the same as those required by the hostoperating system.

DenitionofTerms

Whitelistreers to the list o authorized executables created when Anti-Executable is installed.

Authorized executable or authorized program means any executable le already present on a workstationat the time o the Anti-Executable installation, or any executable le installed while Anti-Executable isturned o. All authorized executables are included on the whitelist.

Unauthorized executable reers to any executable le not included on the whitelist.

Violation means an attempt by the user or any program (including the operating system) to run anunauthorized executable le while Anti-Executable is on.


7/19

InstallingAnti-Executable

o install Anti-Executable, complete the ollowing steps:

1. Double-click theAEStd.exe le.Te ollowing window appears:

2. ClickNextto continue the installation.3. Follow the steps presented. Read and accept the license agreement.

4. ClickFinish.Te ollowing dialog appears:

5. Click Yes to continue. Anti-Executable Standard begins installing.

Te computer restarts to complete the installation process.

When the icon appears in the System ray, Anti-Executable is activated.


8/19

LoggingintoAnti-Executable

Users must log in to access the Conguration Window, in order to congure and manage Anti-Executable on a workstation.

Do one o the ollowing to log in:

Press SHIF and double-click the Anti-Executable icon in the System ray

Use the keyboard shortcut CRL+SHIF+AL+F10

Either method brings up the login dialog.

Password

When Anti-Executable is rst installed, there is no password set. Click OK to gain access to theConguration Window.

Password protecting Anti-Executable is optional.

I there is no password set, do not enter anything in the password eld, and clickOK.

I a password has been set, enter it in the Enter Passwordeld, and clickOK.

Te Generaltab in the Conguration Window appears:


9/19

ConguringandManagingAnti-Executable

Anti-Executable can be congured and managed using the Conguration Window. Te CongurationWindow has our tabs to access the options available: General, Status, Conguration, and Password.

GeneralTabTe Generaltab allows users to activate or deactivate Anti-Executable.

o activate Anti-Executable protection, click the On radio button and clickApply.

o deactivate Anti-Executable protection, click the Ofradio button and clickApply.

ClickOKto close the Conguration Window.

StatusTab

Te Status tab provides a detailed report on the options available to congure Anti-Executable.

Te ollowing image details the status o a workstation:

On this workstation, the security setting or Anti-Executable is Low, and all the security options aredisabled, with only the Log File option enabled. Tis is the deault conguration or Anti-Executable.


10/19

10

CongurationTab

Te Conguration tab has our sub-tabs along the bottom used to congure various options in Anti-Executable. Tey are: Security Settings,Message, Exempted Folders, and rusted Applications.

SecuritySettings

Te Security Settings tab sets the level o protection by Anti-Executable.

Use the slider bar to set the preerred level o security:

Te deault security level is Low, which does the ollowing:

Blocks unauthorized 32-bit executables

Protects Anti-Executable Standard directory rom access and tampering

In addition to the above, the High level o security does the ollowing:

Blocks unauthorized drivers and .dll les

Allows optional enabling o Copy Prevention and Delete Prevention

For Windows 95, 98, and ME operating systems, the only security setting optionavailable is High.

OtherSecuritySettingsOptions

Stealth Mode: Check the Stealth Mode option to ensure Anti-Executable icons are not visible on aworkstations System ray.

Log File : I the Log File option is checked, when the Show Logbutton is clicked, a history o attemptedaccess violations on the workstation is displayed.

Network Prevention: When Network Prevention is checked, all executable les on a network driveare blocked rom execution. Te Exempted Folders tab allows access to executable les in specied


11/19

11

network olders, even i Network Prevention is checked. I the option is unchecked, all executable leson a network can be executed normally.

Delete Prevention: When Delete Prevention is checked, all executables on the workstation are protectedrom being deleted or renamed, regardless o whether they are authorized by Anti-Executable or not.When this option is unchecked, the deletion or renaming o executables is controlled by the operating

system and access privileges as i Anti-Executable was not installed. Delete Prevention can only beenabled i the security level is set to High.

Copy Prevention: When Copy Prevention is checked, executables cannot be copied to another location,downloaded via the Internet, or copied to the workstation rom removable media. Tis helps reduceaccumulation o unauthorized or copied executable les, including les in the Internet emp older.When this option is unchecked, the copying o executable les is controlled by the operating systemand access privileges. Copy Prevention can only be enabled i the security level is set to High.

Windows on Windows: When Do Not Allow is checked on this eature, all 16-bit executable les areblocked rom execution. I this option is unchecked, all 16-bit executable les are allowed to execute.

Message

TeMessage tab is used to customize the message that displays when a user attempts to perorm anaction that has been protected by Anti-Executable.

By deault, Anti-Executables text message says: Tis action violates the acceptable use policy. ocustomize the message text, delete the deault message and type the preerred message.

By deault, the bitmap option is checked, meaning the graphic displayed in the tab accompanies themessage when it appears. Te deault graphic is displayed on the tab. o change it, click Customizeand browse to the location o a saved graphic. ClickPreview to see how the graphic and message willdisplay. ClickClearto revert to the deault graphic.


12/19

12

CustomizingtheMessage

Tere are a number o options to customize the Message.

CheckFile name to display the name o the executable that the user is attempting to run. Te completepath to the executable displays in the dialog.

CheckReason or blockingto display the reason the attempted action has been blocked.

For example, i a user attempts to open an unauthorized executable le, the dialog woulddisplayReason: Open, afer the custom message and le name (i those options are enabled).

CheckProgram name to display the name o the program that is attempting to perorm the action.

For example, i a user attempts to run an executable, the dialog would displayProgram Name:C:\WINN\Explorer.EXE because Windows Explorer is the program the user is attemptingto open the application rom. Tis line would be displayed in the dialog afer the custommessage, le name and reason (i those options are enabled).

o suppress Anti-Executables violation message, uncheck all the display options available on themessage tab, including: File name, Reason or blocking, Program name, and Bitmap, and delete all thetext in the message box. Anti-Executable will continue to block all executables that are not on thewhitelist, but will no longer display a message to indicate the violations.

An example o a custom dialog with all options enabled is shown below afer a user has attempted torun a spyware.exe program rom a CD-ROM.

o suppress Anti-Executables violation message, uncheck all the display options available on themessage tab, including: File name, Reason or blocking, Program name, and Bitmap, and delete all thetext in the message box. Anti-Executable will continue to block all executables that are not on thewhitelist, but will no longer display a message to indicate the violations.


13/19

1

ExemptedFolders

Te Exempted Folders tab is used to designate olders that are not protected by Anti-ExecutableEnterprise. Any executable in a older on this list is authorized to run.

o add a older to this list, click the[...] icon and browse to the location o the older to be added. Selectit and clickOK. In the Conguration Window, clickAdd Folder.

o add the sub-olders o a principal older to the Exempted Folders list, check the Include sub-oldersbox. All executables inside the main older and its sub-olders are designated as exempted rom Anti-

Executables protection. I there is a older that does not need to be exempted, it should be removedrom the list.

o remove a older rom the list, select the older to be removed and clickRemove Folder.

o import a older rom a le, clickImport From File. Browse to the location o the .zx le containingthe list oExempted Folders to be imported. Select it and clickOpen.

o export to a le, click Export to File. Browse to the location o the le to be exported to, and clickSave.

o clear all les rom the Exempted Folders list, clickClear.


14/19

14

TrustedApplications

Te rusted Applications tab is used to designate which programs are trusted. A rusted Applicationcan open and modiy other executables, such as an antivirus program.

o add an application to this list, click the [...] icon and browse to the location o the le to be added.Select it and clickOK. In the Conguration Window, clickAdd Application.

o add applications in sub-olders o the principal older, check the Include sub-olders box. Allexecutables inside the main older and its sub-olders are designated as rusted Applications and areauthorized to open and modiy other executables. I there are executables in a sub-older that should

not be trusted, they should be removed rom the list.o remove an single application rom the list, select the le or les to be removed and click Remove

Application.

o import a list o rusted Applications rom a le, clickImport From File. Browse to the location o the.zx le to import rom. Select it and clickOpen.

o export to a le, clickExport to File. Browse to the location o the le to export to, and clickSave.

o clear all les rom the rusted Applications list, clickClear.


15/19

1

PasswordTab

Te Passwordtab, as shown below, allows users to set change the current password.

o set a new password or to change a current password:

1. Enter the password in the Enter New Passwordeld.

2. Re-enter the same password in the Conrm Passwordeld.

3. Click Apply.

Te password has now been changed.


16/19

1

UninstallingAnti-Executable

Anti-Executable must be deactivated to be uninstalled rom the workstation.

Complete the ollowing steps to uninstall Anti-Executable Standard rom a workstation:

1. Double-click theAEStd.exe le.

Te ollowing screen displays:

2. ClickUninstallto begin uninstalling Anti-Executable.

A screen appears inorming the user that Anti-Executable will be uninstalled.

3. ClickFinish to uninstall Anti-Executable Standard rom the computer.

Te computer restarts afer Anti-Executable is uninstalled.


17/19

1

InstallingandUpgradingApplicationsonAnti-ExecutableProtectedWorkstations

Anti-Executable restricts program execution to only those that are already installed at the time Anti-Executable is installed. o install additional sofware on a workstation afer Anti-Executable has beeninstalled, ollow the steps below:

1. urn Anti-Executable o.

2. Install and/or update additional sofware.

3. urn Anti-Executable on.

All programs installed while Anti-Executable is o are permitted to run with no restrictions.

I an installation or setup program was already on the workstation when Anti-Executablewas rst installed or was copied to the workstation while Anti-Executable was o, theinstallation or setup program will run successully.

I the installation or setup program is run while Anti-Executable is on, it is not ableto copy, create, or extract executable les to the workstation. Tis may result in anincomplete installation with unpredictable results.

Anti-Executable must be o to perorm third-party antivirus sofware updates.

Anti-Executable must be o to perorm Microsof Windows critical updates.


18/19

1

AppendixA:Anti-ExecutableandThird-PartyAntivirusSoftware

Anti-Executable has been tested with many major third-party antivirus applications. When Anti-Executable is installed, it automatically detects certain antivirus applications and congures itsel asrequired.

o ensure proper operation and updating o antivirus applications, the ollowing Anti-Executableconguration settings are recommended.

Antivirusapplication Anti-ExecutableCongurationDetailsandNotes

SymantecAntiVirusCorporateEdition

Anti-Executable automatically adds all associated executable les tothe rusted Applications list

NortonAntiVirus2004Anti-Executable automatically adds all associated executable les tothe rusted Applications list

McAfeeVirusScan Anti-Executable must be set to the Low security level

TrendMicroOfceScan Anti-Executable must be set to the Low security level

CAeTrustEZAntivirus No les need to be rusted

SophosAntiVirus No les need to be rusted

COMMANDAntivirus No les need to be rusted

AVGAntiVirus(Grisoft) No les need to be rusted

PandaSoftwareAntivirus No les need to be rusted

Te inormation above was accurate when this user guide was published; due to thechanging nature o third-party antivirus sofware, dierent settings may be requiredas they are revised. In most cases, either setting Anti-Executable to the High securitylevel and designating all executables associated with the antivirus sofware as rusted

Applications will ensure compatibility.

It is strongly recommended that any third-party antivirus application be installedand congured prior to the installation o Anti-Executable. Anti-Executable shouldbe uninstalled prior to the initial installation o an antivirus application and thenre-installed aferwards.

Antivirus sofware updates must be perormed with Anti-Executable o or during ascheduled Maintenance period.


19/19

1

AppendixB:Anti-ExecutableandDeepFreeze

Anti-Executable and Deep Freeze complement each other well and can both be installed on the sameworkstation. Te procedures listed below outline the necessary steps or installation o the two programson the same workstation and perorming subsequent permanent sofware installations, changes, orremovals on the workstation.

InstallationofDeepFreezeandAnti-Executable

Te ollowing procedure must be used when installing Anti-Executable and Deep Freeze on the sameworkstation:

1. Install Deep Freeze.

2. Boot the workstation Tawed.

3. Install Anti-Executable.

4. Congure Anti-Executable with the desired settings and turn the protection on.

5. Boot the workstation Frozen.

PermanentSoftwareInstallations,Changes,orRemovalswithDeepFreezeandAnti-Executable

A similar procedure must be used when new sofware installations, updates, or permanent changes tothe workstation are required:

1. Boot the workstation Tawed.

2. urn Anti-Executable o.

3. Install new sofware, update existing sofware, and make any permanent changes to theworkstation as required.

4. Restart the workstation i necessary and congure any new sofware as desired.

5. urn Anti-Executable on.

6. Boot the workstation Frozen.

Documents

Anti Executable Standard Manual