Protection Drivers Objectives By the end of todays session we will - - PDF document

protection drivers objectives by the end of today s
SMART_READER_LITE
LIVE PREVIEW

Protection Drivers Objectives By the end of todays session we will - - PDF document

Jan 30, 2024 105 likes •295 views

Protection Drivers Objectives By the end of todays session we will 1. use File Access to restrict access to files from applications and manage any known exceptions 2. manage application access and manage any known exceptions 3. block

slide-1
SLIDE 1

Powered by Kaseya March, 2007 1

Protection Drivers Objectives

By the end of today’s session we will…

  • 1. use File Access to restrict access to files from applications and manage

any known exceptions

  • 2. manage application access and manage any known exceptions
  • 3. block specific applications from network access and manage any known

exceptions

slide-2
SLIDE 2

Powered by Kaseya March, 2007 2

Locating the Protection Drivers

  • Click on the “Audit” Tab at the top of the screen of the Kaseya application
  • Locate the “Protection” Category in the Function List at the left of the

application

slide-3
SLIDE 3

Powered by Kaseya March, 2007 3

File Access

File Access allows the Agent to protect any file on client machines from unauthorized access by a rogue application or user. Any application can be approved or denied access to the file. Additionally, specifying "Ask user to approve unlisted" opens a dialog box and asks the user to approve the application accessing the file. This method effectively learns which applications to approve or deny as you go. Note: You may also block operating system access to the protected file. This prevents the file from being renamed, moved, or deleted therefore completely locking down the file from tampering.

  • Locate the File Access link under the Protection Category of the

Function List

slide-4
SLIDE 4

Powered by Kaseya March, 2007 4

  • Select the Machine Group ID desired
  • Enter the file name to which you wish to restrict access
  • Click the Block button
slide-5
SLIDE 5

Powered by Kaseya March, 2007 5

  • Enter the file name to which you wish to access control. In the example below,

we are utilizing an imaginary file (tstblck.txt)

  • Enter the application(s) you wish to approve for access to this file. We want the

file to be accessible by wordpad only

  • Click the New button
  • Click in the desired radio button. Decide whether you wish to ask the user or

deny all unlisted

  • Click the Add button

Note: You may also search by Machine ID to bring up all applications found on the machine since the last audit

slide-6
SLIDE 6

Powered by Kaseya March, 2007 6

Testing the File Access feature

  • Open the file with an application not on the approved list. In this example,

the file tstblck.txt was blocked and we’re trying to open the file using notepad

  • The following pop up error message will appear
slide-7
SLIDE 7

Powered by Kaseya March, 2007 7

Application Blocker

The Application Blocker prevents any application from running on a machine. Applications listed here are blocked when a user double clicks them or tries to run the application at all. The application can be referenced by file name and/or a portion of the full path. For example, adding an application named adaware.exe to the list prevents all

  • ccurrences of adaware.exe, on any directory or on any drive, from running.

Adding myfolder\adaware.exe prevents occurrences of the application in any directory named myfolder from running.

  • Click on the Application Blocker link under the Protection function
  • Select the Machine ID you wish to affect
  • Enter the application you wish to block in the appropriate field
  • Click the Block button

The application will then appear in the Application Column as indicated

slide-8
SLIDE 8

Powered by Kaseya March, 2007 8

Unblocking Applications

Use the unblock button to remove the desired application from the “Blocked” list

  • Select the desired Machine Group ID
  • Enter the desired application in the appropriate field
  • Click the Unblock button
slide-9
SLIDE 9

Powered by Kaseya March, 2007 9

  • In the Dialog box that appears, highlight the Application you wish to

unblock

  • Click the Unblock Button
slide-10
SLIDE 10

Powered by Kaseya March, 2007 10

Network Access

Network Protection allows you to monitor and control access on a per application and per machine basis. Use it to collect bandwidth utilization consumed by each managed machine on your network. The network access function lets you approve or deny network access on a per application basis. Use the Network Statistics report to view network bandwidth utilization versus

  • time. Drill down and identify peak bandwidth consumers by clicking on the

graph's data points. See which application and which machine use bandwidth at any point in time. Applications that do not use the Windows TCP/IP stack in the standard way may conflict with the driver used to collect information and block access (especially older legacy applications). The agent cannot monitor network statistics or block network access if this driver is disabled. The Network Access function will not work unless the driver is enabled on the machine that you are trying to manage network access on. This driver resides between the Network and OS of the machine and it should be tested before deployment on mission critical machines, such as servers.

  • Click the Network Access link under the Protection function
  • Select which machine you wish to enable the network driver on by

checking the appropriate box

slide-11
SLIDE 11

Powered by Kaseya March, 2007 11

  • To enable the driver click the Enable at next reboot button
  • By clicking on the Machine ID link, you will see the list of applications

residing on that machine found in the latest audit

  • If desired, add any applications not found by the Audit in the appropriate

field

  • Determine which Applications you wish to add to your approved list

and your unapproved list

  • Click on the check box of the desired application
slide-12
SLIDE 12

Powered by Kaseya March, 2007 12 Note: Use the filters at the top of the screen to search for desired applications as shown below

  • After selecting the desired applications, return to the Kaseya application

and select the appropriate button

slide-13
SLIDE 13

Powered by Kaseya March, 2007 13

Testing the Network Access

  • Open the blocked application and attempt to access the internet
  • Click Check for updates now to attempt access to the internet
slide-14
SLIDE 14

Powered by Kaseya March, 2007 14

  • Click on the Connect button
  • If the Network Access was configured correctly, the Kaseya system will

shut down the Adaware application

slide-15
SLIDE 15

Powered by Kaseya March, 2007 15

Managing Exceptions To Your List

There are three choices to manage exceptions for unlisted applications

  • Ask User to Approve prompts the user for permission every time an

unlisted application tries to access the network

  • Approve all unlisted automatically approves all applications NOT listed
  • Deny all unlisted automatically denies all applications NOT listed
  • Click Apply after deciding action
slide-16
SLIDE 16

Powered by Kaseya March, 2007 16

Testing the Managed Exceptions

  • If the Exceptions were configured correctly above, the following dialog box

will appear and prompt for the appropriate action

slide-17
SLIDE 17

Powered by Kaseya March, 2007 17

Summary and Client Notes

  • 1. File Access – Allows Agent to protect any file on client machines from

unauthorized access by a rogue application or user

  • 2. Network Access - you to monitor and control access on a per

application and per machine basis. Use it to collect bandwidth utilization consumed by each managed machine on your network. The network access function lets you approve or deny network access on a per application basis

  • 3. Application Blocker – prevents any application from running on a
  • machine. Applications listed here are blocked when a user double clicks them or

tries to run the application at all.