Академический Документы
Профессиональный Документы
Культура Документы
����������
������������������������
� ����������������������������
Last modified: February 2006
��������
About Faronics
Faronics Corporation develops and markets intelligent utilities for absolute control of multi-user
computing environments. Faronics’ market-leading solutions have dramatically impacted the day-to-
day lives of thousands of information technology professionals and computing lab managers, ensuring
100% availability of systems, thus significantly reducing workstation maintenance, and increasing user
satisfaction.
Faronics’ flagship solution, Deep Freeze, protects over 5 million workstations worldwide. Our user-
driven, powerful technology innovations benefit educational institutions, libraries, government
organizations and corporations.
As a customer-centric organization, Faronics’ products are researched and developed in close
consultation with our end-users. We value our customer’s ideas and suggestions, and depend on this
feedback to provide the innovative solutions our users have come to rely on. This approach is the basis
for Faronics’ industry-leading customer service strategy, continually working to build and maintain
lasting relationships with our users.
Incorporated in 1996, Faronics has two offices situated in the USA and Canada. An ambitious growth
strategy and global outlook has Faronics striving to reach new markets. Future diversification of Faronics’
utilities will provide innovative and unique solutions, continuing to enhance user productivity.
Technical Support
Every effort has been made to design this software for ease of use and to be problem free. If problems
are encountered, contact Technical Support:
Email: support@faronics.com
Phone: 800-943-6422 or 604-637-3333
Hours: 7:00am to 5:00pm (Pacific Time)
Contact Information
Web: www.faronics.com
Email: sales@faronics.com
Phone: 800-943-6422 or 604-637-3333
Fax: 800-943-6488 or 604-637-8188
Hours: 7:00am to 5:00pm (Pacific Time)
Address: Faronics Technologies USA Inc.
Suite 170 – 2411 Old Crow Canyon Road
San Ramon, CA 94583
USA
Faronics Corporation
620 - 609 Granville St.
Vancouver, BC V7Y 1G5
Canada
© 1999 – 2006 Faronics Corporation. All rights reserved. Deep Freeze, Faronics, Faronics Anti-Executable, Faronics System Profiler,
FreezeX, and WINSelect are trademarks and/or registered trademarks of Faronics Corporation. All other company and product names
are trademarks of their respective owners.
3
This page intentionally left blank
��������
Contents
5
��������
System Requirements
Anti-Executable Standard requires Windows 9X/Me/2000/XP, with Microsoft Internet Explorer
version 5 or greater installed. The hardware specifications are the same as those required by the host
operating system.
Definition of Terms
Whitelist refers to the list of authorized executables created when Anti-Executable is installed.
Authorized executable or authorized program means any executable file already present on a workstation
at the time of the Anti-Executable installation, or any executable file installed while Anti-Executable is
turned off. All authorized executables are included on the whitelist.
Unauthorized executable refers to any executable file not included on the whitelist.
Violation means an attempt by the user or any program (including the operating system) to run an
unauthorized executable file while Anti-Executable is on.
6
��������
Installing Anti-Executable
To install Anti-Executable, complete the following steps:
1. Double-click the AEStd.exe file.
The following window appears:
7
��������
Logging in to Anti-Executable
Users must log in to access the Configuration Window, in order to configure and manage Anti-
Executable on a workstation.
Do one of the following to log in:
• Press SHIFT and double-click the Anti-Executable icon in the System Tray
• Use the keyboard shortcut CTRL+SHIFT+ALT+F10
Password
When Anti-Executable is first installed, there is no password set. Click OK to gain access to the
Configuration Window.
Password protecting Anti-Executable is optional.
If there is no password set, do not enter anything in the password field, and click OK.
If a password has been set, enter it in the Enter Password field, and click OK.
The General tab in the Configuration Window appears:
8
��������
General Tab
The General tab allows users to activate or deactivate Anti-Executable.
To activate Anti-Executable protection, click the On radio button and click Apply.
To deactivate Anti-Executable protection, click the Off radio button and click Apply.
Click OK to close the Configuration Window.
Status Tab
The Status tab provides a detailed report on the options available to configure Anti-Executable.
The following image details the status of a workstation:
On this workstation, the security setting for Anti-Executable is Low, and all the security options are
disabled, with only the Log File option enabled. This is the default configuration for Anti-Executable.
9
��������
Configuration Tab
The Configuration tab has four sub-tabs along the bottom used to configure various options in Anti-
Executable. They are: Security Settings, Message, Exempted Folders, and Trusted Applications.
Security Settings
The Security Settings tab sets the level of protection by Anti-Executable.
Use the slider bar to set the preferred level of security:
In addition to the above, the High level of security does the following:
• Blocks unauthorized drivers and .dll files
• Allows optional enabling of Copy Prevention and Delete Prevention
For Windows 95, 98, and ME operating systems, the only security setting option
available is High.
network folders, even if Network Prevention is checked. If the option is unchecked, all executable files
on a network can be executed normally.
Delete Prevention: When Delete Prevention is checked, all executables on the workstation are protected
from being deleted or renamed, regardless of whether they are authorized by Anti-Executable or not.
When this option is unchecked, the deletion or renaming of executables is controlled by the operating
system and access privileges — as if Anti-Executable was not installed. Delete Prevention can only be
enabled if the security level is set to High.
Copy Prevention: When Copy Prevention is checked, executables cannot be copied to another location,
downloaded via the Internet, or copied to the workstation from removable media. This helps reduce
accumulation of unauthorized or copied executable files, including files in the Internet Temp folder.
When this option is unchecked, the copying of executable files is controlled by the operating system
and access privileges. Copy Prevention can only be enabled if the security level is set to High.
Windows on Windows: When Do Not Allow is checked on this feature, all 16-bit executable files are
blocked from execution. If this option is unchecked, all 16-bit executable files are allowed to execute.
Message
The Message tab is used to customize the message that displays when a user attempts to perform an
action that has been protected by Anti-Executable.
By default, Anti-Executable’s text message says: This action violates the acceptable use policy. To
customize the message text, delete the default message and type the preferred message.
By default, the bitmap option is checked, meaning the graphic displayed in the tab accompanies the
message when it appears. The default graphic is displayed on the tab. To change it, click Customize
and browse to the location of a saved graphic. Click Preview to see how the graphic and message will
display. Click Clear to revert to the default graphic.
11
��������
To suppress Anti-Executable’s violation message, uncheck all the display options available on the
message tab, including: File name, Reason for blocking, Program name, and Bitmap, and delete all the
text in the message box. Anti-Executable will continue to block all executables that are not on the
whitelist, but will no longer display a message to indicate the violations.
12
��������
Exempted Folders
The Exempted Folders tab is used to designate folders that are not protected by Anti-Executable
Enterprise. Any executable in a folder on this list is authorized to run.
To add a folder to this list, click the [...] icon and browse to the location of the folder to be added. Select
it and click OK. In the Configuration Window, click Add Folder.
To add the sub-folders of a principal folder to the Exempted Folders list, check the Include sub-folders
box. All executables inside the main folder and its sub-folders are designated as exempted from Anti-
Executable’s protection. If there is a folder that does not need to be exempted, it should be removed
from the list.
To remove a folder from the list, select the folder to be removed and click Remove Folder.
To import a folder from a file, click Import From File. Browse to the location of the .fzx file containing
the list of Exempted Folders to be imported. Select it and click Open.
To export to a file, click Export to File. Browse to the location of the file to be exported to, and click
Save.
To clear all files from the Exempted Folders list, click Clear.
13
��������
Trusted Applications
The Trusted Applications tab is used to designate which programs are trusted. A Trusted Application
can open and modify other executables, such as an antivirus program.
To add an application to this list, click the [...] icon and browse to the location of the file to be added.
Select it and click OK. In the Configuration Window, click Add Application.
To add applications in sub-folders of the principal folder, check the Include sub-folders box. All
executables inside the main folder and its sub-folders are designated as Trusted Applications and are
authorized to open and modify other executables. If there are executables in a sub-folder that should
not be trusted, they should be removed from the list.
To remove an single application from the list, select the file or files to be removed and click Remove
Application.
To import a list of Trusted Applications from a file, click Import From File. Browse to the location of the
.fzx file to import from. Select it and click Open.
To export to a file, click Export to File. Browse to the location of the file to export to, and click Save.
To clear all files from the Trusted Applications list, click Clear.
14
��������
Password Tab
The Password tab, as shown below, allows users to set change the current password.
15
��������
Uninstalling Anti-Executable
Anti-Executable must be deactivated to be uninstalled from the workstation.
Complete the following steps to uninstall Anti-Executable Standard from a workstation:
16
��������
All programs installed while Anti-Executable is off are permitted to run with no restrictions.
17
��������
The information above was accurate when this user guide was published; due to the
changing nature of third-party antivirus software, different settings may be required
as they are revised. In most cases, either setting Anti-Executable to the High security
level and designating all executables associated with the antivirus software as Trusted
Applications will ensure compatibility.
18
��������
19