FullArmor Corp. last week rolled out a solution that helps extend the ability to create and enforce Microsoft Corp. Active Directory Group Policy settings to devices that are not connected to the directory.
The Boston-based company added a new member to its Intellipolicy for Clients suite, called GPAnywhere, that allows administrators to create corporate policy templates and apply them to machines not connected to Active Directory.
Such machines can include Windows-based notebooks and mobile devices, as well as kiosks running Windows XP.
GPAnywhere can be used to streamline migration from Windows NT 4.0 domains or NetWare to Active Directory.
“IT administrators want to take advantage of the security with [Active Directorys] Group Policies, but you have to do a lot of planning with Active Directory, and it takes time to migrate desktops,” said Dilip Radhakrishnan, product manger at FullArmor. “We reduce the trouble by providing predefined templates with high, medium and low security.”
The templates contain a fixed set of policy settings that are based on Microsoft best practices. Administrators can create custom templates using a Policy Template Designer that uses point-and-click actions to select or deselect policy settings.
With the templates, administrators can lock down access to the desktops control panel, registry editor and Run command option; set and enforce passwords and user rights; disable removable media storage devices; and ensure that services such as anti-virus software are running.
GPAnywhere is available now for Windows 2000 or later operating systems. It is priced at $6 per managed machine.