Faronics in the Lab

By Matthew Sarrel  |  Posted 2010-04-23 Print this article Print


Faronics in the Lab

Installation of the management server and console was simple. A wizard walked me through the setup to the extent that I merely had to click "next" a few times and then click "finish."

That's where the hand-holding stopped abruptly, as I never encountered another wizard. While there is help available for Faronics Core Console, the MMC Snap-in GUI management tool, it is pretty bare bones and not context-sensitive. There are traditionally helpful passages in the help area, such as "click yes to enable this feature," but there was no explanation of the feature. Help is slightly better for end users if you choose to make it available as a PDF-based manual.

The GUI is pretty straightforward, so the lack of wizards didn't cripple me. But it took a few minutes to get orientated to the GUI. It's organized like any other MMC snap-in, with a tree in the left pane broken down by Faronics Core Server, Workstations, Tasks and Reports. The Action Pane appears on the right and shows tree-sensitive actions.

The first thing I did was navigate to the local instance of Faronics Core Server and choose to Create Core Agent Install, which generated a very small MSI install package. The MSI file could be pushed to workstations however you want, including manually. I also had to install the Anti-Executable workstation software on each client in the same manner.

Neither of these installs can be silent. Under this same action menu (Manage Users and Roles), I created a variety of console user accounts (there are four presets: Guests, Users, Power Users, Administrators), which are good enough, but custom groups and privileges can't be created. Different roles can be assigned with different levels of privilege in the console and in Anti-Executable.

Once the client agent was installed on my 10 workstations, they automatically contacted the management server and appeared under Managed Workstations. I created a few Custom Workstation Groups for various configurations. It's likely that an actual implementation would involve quite a few groups with different policies assigned by configuration or user job tasks. I could drag and drop workstations into the groups I created and could also have used an LDAP server (AD or eDirectory).

Matthew Sarrel Matthew D. Sarrel, CISSP, is a network security,product development, and technical marketingconsultant based in New York City. He is also a gamereviewer and technical writer. To read his opinions on games please browse http://games.mattsarrel.com and for more general information on Matt, please see http://www.mattsarrel.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel