FullArmor on Monday will extend the ability to create and enforce Microsoft Active Directory Group Policy settings to devices that are not connected to the directory.
Boston-based FullArmor Corp. will add a new member to its Intellipolicy for Clients suite, dubbed “GP Anywhere,” that allows administrators to create corporate policy templates and apply them to non-directory-connected machines.
Such machines can include Windows-based notebooks and mobile devices as well as kiosks embedded with Windows XP.
GP Anywhere can also be used to streamline the migration from Windows NT 4 Domains or Netware to Active Directory.
“IT administrators want to take advantage of the security with [Active Directorys] Group Policies, but you have to do a lot of planning with Active Directory and it takes time to migrate desktops,” said Dilip Radhakrishnan, product manger in Boston.
“We reduce the trouble by providing predefined templates with high, medium and low security,” he added.
The templates contain a fixed set of policy settings that are based on Microsoft best practices. Administrators can also create custom templates using a Policy Template Designer that uses point-and-click actions to select or unselect policy settings.
With the templates, administrators can lock down access to the desktops control panel, registry editor and run-command option; set and enforce passwords and user rights; disable removable media storage devices, and ensure that services such as anti-virus are running.
The tool delivers Active Directory security settings to mobile workers who are not connected to the corporate network, according to FullArmor CEO Rich Farrell. “This takes the Group Policy and makes it work anywhere,” he said.
GP Anywhere will be available on Monday for Windows 2000 or higher operating systems. It is priced at $6 per managed machine.