NetWrix USB Blocker Version 3.6 Quick Start Guide



Similar documents
NetWrix USB Blocker. Version 3.6 Administrator Guide

NetWrix Privileged Account Manager Version 4.0 Quick Start Guide

INSTALLING MICROSOFT SQL SERVER AND CONFIGURING REPORTING SERVICES

NetWrix Account Lockout Examiner Version 4.0 Administrator Guide

NetWrix SQL Server Change Reporter

CONFIGURING MICROSOFT SQL SERVER REPORTING SERVICES

NETWRIX IDENTITY MANAGEMENT SUITE

NetWrix SQL Server Change Reporter

NetWrix Logon Reporter V 2.0

NETWRIX FILE SERVER CHANGE REPORTER

NetWrix Server Configuration Monitor

NETWRIX EVENT LOG MANAGER

NETWRIX ACCOUNT LOCKOUT EXAMINER

NETWRIX CHANGE NOTIFIER

NETWRIX WINDOWS SERVER CHANGE REPORTER

NetWrix Exchange Mail Archiver Version 1.5 Administrator Guide

NETWRIX USER ACTIVITY VIDEO REPORTER

NetWrix Password Manager. Quick Start Guide

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

Installation Notes for Outpost Network Security (ONS) version 3.2

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

VERITAS Backup Exec TM 10.0 for Windows Servers

Netwrix Auditor for Windows Server

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Netwrix Auditor for Active Directory

Pearl Echo Installation Checklist

Quick Start Guide for VMware and Windows 7

Netwrix Auditor for SQL Server

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

NetWrix Exchange Change Reporter

NETWRIX DISK SPACE MONITOR

TANDBERG MANAGEMENT SUITE 10.0

Desktop Surveillance Help

NSi Mobile Installation Guide. Version 6.2

Web VTS Installation Guide. Copyright SiiTech Inc. All rights reserved.

Administrators Help Manual

4cast Client Specification and Installation

Netwrix Auditor for File Servers

Lepide Active Directory Self Service. Installation Guide. Lepide Active Directory Self Service Tool. Lepide Software Private Limited Page 1

Metalogix SharePoint Backup. Advanced Installation Guide. Publication Date: August 24, 2015

NETWRIX EVENT LOG MANAGER

NETWRIX PASSWORD MANAGER

DriveLock Quick Start Guide

Version 3.8. Installation Guide

NETWRIX CHANGE REPORTER SUITE

TROUBLESHOOTING INCORRECT REPORTING OF THE WHO CHANGED PARAMETER

Core Protection for Virtual Machines 1

Cloud Services ADM. Agent Deployment Guide

Important. Please read this User s Manual carefully to familiarize yourself with safe and effective usage.

Installation Instruction STATISTICA Enterprise Server

Netwrix Auditor for Exchange

1. Server Microsoft FEP Instalation

Sentinel Installation Guide

Symantec Backup Exec TM 11d for Windows Servers. Quick Installation Guide

Step-by-Step Guide to Setup Instant Messaging (IM) Workspace Datasheet

Issue Tracking Anywhere Installation Guide

QUANTIFY INSTALLATION GUIDE

intertrax Suite resource MGR Web

Quick Start Guide for Parallels Virtuozzo

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide

Ekran System Help File

About This Manual. 2 About This Manual

SplendidCRM Deployment Guide

Archive Attender Version 3.5

Acronis Backup & Recovery 11.5 Quick Start Guide

Legal Notes. Regarding Trademarks KYOCERA Document Solutions Inc.

Microsoft Dynamics GP SQL Server Reporting Services Guide

CONFIGURING TARGET ACTIVE DIRECTORY DOMAIN FOR AUDIT BY NETWRIX AUDITOR

GUARD1 PLUS SE Administrator's Manual

InventoryControl for use with QuoteWerks Quick Start Guide

DOCSVAULT Document Management System for everyone

Enterprise Manager. Version 6.2. Installation Guide

AIMS Installation and Licensing Guide

How To Install Help Desk Premier

Diamond II v2.3 Service Pack 4 Installation Manual

Active Directory Management. Agent Deployment Guide

Netwrix Auditor for Windows File Servers

LepideAuditor Suite for File Server. Installation and Configuration Guide

1. Installation Overview

Quick Start Guide 0514US

Synchronizer Installation

Table of Contents. Introduction...9. Installation Program Tour The Program Components...10 Main Program Features...11

Lepide Software. LepideAuditor for File Server [CONFIGURATION GUIDE] This guide informs How to configure settings for first time usage of the software

Backup Exec 15. Quick Installation Guide

Active Directory Change Notifier Quick Start Guide

Dell Recovery Manager for Active Directory 8.6. Quick Start Guide

TROUBLESHOOTING GUIDE

Trial environment setup. Exchange Server Archiver - 3.0

Installing and Configuring WhatsUp Gold

DESlock+ Basic Setup Guide ENTERPRISE SERVER ESSENTIAL/STANDARD/PRO

Netwrix Auditor for SQL Server

formerly Help Desk Authority Upgrade Guide

Practice Management Installation Guide. Requirements/Prerequisites: Workstation Requirements. Page 1 of 5

NetWrix File Server Change Reporter. Quick Start Guide

SQL Server 2008 R2 Express Installation for Windows 7 Professional, Vista Business Edition and XP Professional.

Sage Timberline Enterprise Installation and Maintenance Guide

Guide to Installing BBL Crystal MIND on Windows 7

Installing GFI Network Server Monitor

Installation Instructions Release Version 15.0 January 30 th, 2011

Transcription:

NetWrix USB Blocker Version 3.6 Quick Start Guide

Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Getting Started...5 3.1. System Requirements...5 3.1.1. Management Server...5 3.1.2. Managed Computers...7 3.2. Installing the Product...5 3.3. Configuring the Product...8 3.3.1. Starting NetWrix USB Blocker...8 3.3.2. Configuring the Product...10 3.3.3. Monitoring Console and Administrative Portal...10 3.3.4. Monitoring Console Access Rights...12 4. Uninstalling the Product...12 5. Contacting NetWrix Support...12 6. Additional Software Links...12 7. About NetWrix Products...14 8. Disclaimer...14 Page 2

1. Introduction 1.1. What is NetWrix USB Blocker? NetWrix USB Blocker is a free of charge, easy-to-deploy solution that allows you to block USB devices automatically on computers in a specified domain or domain organizational units. The USB Blocker enforces centralized access control to prevent unauthorized use of removable media that connects to computer USB ports, such as memory sticks, removable hard disks, PDAs and others. USB port access control is an important aspect of your endpoint security, regardless of the effectiveness of your antivirus and firewall. The USB device lockdown protects your network against malware and prevents the theft of sensitive corporate data. The product relies on built-in group policy mechanisms and seamlessly integrates into your existing environment. Another advantage is its simplicity, as it takes only a couple of mouse clicks to configure the product and get the necessary USB ports blocked. NetWrix USB Blocker has an unlimited capacity in terms of network size. Benefits: Prevents unauthorized use of removable devices. Strengthens endpoint security. Enables regulatory compliance, such as SOX, HIPAA and GLBA. Saves you money in IT. Features: Seamless integration with Active Directory. Simple point-and-click deployment and interface. Fully centralized management. USB ports status monitoring. 1.2. Product Architecture Management server is the computer where the USB Blocker is installed. Thus this computer is further used to configure the USB Blocker. Managed computers are the computers where the USB Blocker Agent is installed and on which USB ports access is monitored and controlled with the USB Blocker. The management server and the managed computers must belong to a single domain. The USB Blocker should be first installed on the management server and then spread to the managed computers via the standard group policy mechanism. This is done automatically by the USB Blocker to all the specified managed computers. The management server then is used for centralized USB access control. Page 3

2. Licensing NetWrix USB Blocker is available only in the Freeware edition. Page 4

3. Getting Started Follow the instructions below to install and configure the USB Blocker. 3.1. System Requirements System requirements differ for the management server and the managed computers. 3.1.1. Management Server CPU x86 or x64 processor (1 GHz or faster). RAM 512 MB or more. OS required operating systems and additional software are described in the table below Operating System Additional Software Windows XP Windows Components: Internet Information Services (IIS).Net Framework 3.5.Net Framework 1.1 Group Policy Management Console (GPMC) Windows 2003 Server SP2 Windows Vista Windows Components: Internet Information Services (IIS) ASP.Net 1.Net Framework 3.5.Net Framework 1.1 Group Policy Management Console (GPMC) Windows 2008 Server Windows Components: Internet Information services (IIS) ASP.Net Microsoft Remote Server Administration Tools (RSAT).Net Framework 3.5 Windows Vista SP1 or higher Windows Components: Internet Information services (IIS) ASP.Net.Net Framework 3.5 Microsoft Remote Server Administration Tools (RSAT) Window 7 Windows 2008 Server R2 Windows Components: Internet Information services (IIS) ASP.Net.Net Framework 3.5 Microsoft Remote Server Administration Tools (RSAT) Note: Links for the additional system components are provided in the 6. Additional Software Links subsection. To install Windows components, please follow the instructions below: Note: A computer used to access the Monitoring Console (see 3.3.4. Monitoring Console and Administrative Portal ) via the web is required to have Silverlight installed. 1) For 64-bit systems ASP.NET is a part of.net Framework thus it does not have to be installed separately. Page 5

On Windows XP: Go to Control Panel > Add or Remove Programs > Add/Remove Windows Components. Select Internet Informational Services (IIS) and click on Details... Make sure that Common Files and Internet Information Services Snap-In are checked. Click OK and let Windows install the components. On Windows 2003 Server: Go to Control Panel > Add or Remove Programs > Add/Remove Windows Components. Please select Application Server and click on Details... For 32-bit version only: make sure that ASP.NET is checked. Select Internet Informational Services (IIS) and click on Details... Make sure that Common Files and Internet Information Services Manager are checked. Click OK and let Windows install the components. On Windows Vista / Windows 7: Go to Control Panel > Programs > Turn Windows Features on or off. First check Internet Information Services so that the check box becomes solid green, then expand the Internet Information Services > Web Management Tools tree node, and verify that IIS6 Management Compatibility (and all of its insides), IIS Management Console and IIS Management Service are checked. Expand the Internet Information Services > World Wide Web Services > Security tree node, and verify that Windows Authentication is checked. Click OK and let windows install the components. On Windows 2008 Server / 2008 Server R2: Click Start > All Programs > Administrative Tools > Server Manager. In the Server Manager window, select Roles. Click Add Roles. The Add Roles wizard opens. Click Next to select roles to install and select Web Server (IIS). Click Add Required Role Services. The Web Server is now selected for install. The Select Server Roles dialog box opens. Double-click Next. Verify that ASP.NET, Windows Authentication and IIS6 Compatibility are checked. Click Next and then click Install. IIS Note: USB Blocker requires at least one active IIS website to run. The default IIS setting includes a pre-created website so that normally you do not have to change anything. Although if you have deleted or disabled the IIS websites, it is necessary to get at least one of them up and running. ASP Note: If your system is 64-bit and ASP is not configured yet please follow these steps: 1. Click Start, click Run, type cmd, and then click OK. 2. Type the following command to disable the 32-bit mode: cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0 3. Type the following command to install the version of ASP.NET 2.0 and to install the script maps at the IIS root and under: %SYSTEMROOT%\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -i 4. Make sure that the status of ASP.NET version 2.0.50727 is set to Allowed in the Web service extension list in Internet Information Services Manager. Page 6

3.1.2. Managed Computers CPU x86 or x64 processor (1 GHz or faster). RAM 64 MB or more. OS Windows 2000 SP4 or later, joined to an Active Directory domain..net Framework 2.0 3.1.3. SQL Server An SQL 2005 or 2008 server is required for Monitoring Console (see 3.3.3. Monitoring Console and Administrative Portal ). You can use an existing SQL server or download MS SQL Express. Download link for MS SQL 2005 Express can be found in 8. Additional Software Links. Note: MS SQL 2005 is free but it only supports databases not greater than 4 Gb is size. However it is sufficient for the USB Blocker. Page 7

3.2. Installing the Product The USB Blocker can be installed on any computer in the managed domain. Choose one of the computers to be the management server. Before starting the installation process, carefully review all of the system requirements. The computer on which you install the USB Blocker must meet the management server requirements (see 3.1.1. Management server Error! Reference source not found.). Further, any computers n the network that you want to audit must meet the managed computers requirements (see 3.1.2. Managed computers ). To install the USB Blocker, run ubfree_setup.msi. The installation wizard guides you step-bystep through the installation process. Note: The account and password specified on the Computer Management page during the USB Blocker setup must have local administrator rights on the managed computers. When the installation process is complete, click Finish to close the wizard. You may leave the Start NetWrix USB Blocker check box selected if you want to run the application automatically when you exit the setup program. 3.3. Configuring the Product 3.3.1. Starting NetWrix USB Blocker and Configuration Window Layout Navigate to Start > All Programs > NetWrix Freeware > USB Blocker > USB Blocker. After doing so you will be presented with the programs main window (see Figure 1). Page 8

Figure 1: NetWrix USB Blocker configuration window See the USB Blocker Quick Start setup instructions on the next page. Page 9

3.3.2. Configuring the Product 1. Enable blocking by selecting the Block USB devices check box. 2. In the field Active Directory domain, specify the name of the managed domain (e.g. ACME, or ACME.com). 3. Select the All domain computers option. 4. For testing purposes, leave the default values for the rest of the options. For details, please refer to the NetWrix USB Blocker Administrator Guide. 5. Click OK. The USB Blocker creates a Group Policy Object that will install NetWrix USB Device Management Agent on managed computers. At this point, the configuration is saved, and the USB ports of managed computers will be blocked immediately after your restart the managed computers. 3.3.3. Monitoring Console and Administrative Portal You can also use the NetWrix USB Blocker Monitoring Console (requires an SQL Server 2005/2008, for a download link please see 6. Additional Software Links ) to monitor the status of agents installed on managed computers and the USB ports blocking status. Note: Any Internet browser with Silverlight (download link can be found in 6. Additional Software Links ) support is required to access the Monitoring Console via the web. When you run the Monitoring Console for the first time, the Monitoring Console Administrative Portal window will open in your default Internet browser. Figure 2: Monitoring Console Administrative Portal window Page 10

Type the names of the SQL server and database in the corresponding fields. You may use Integrated authentication or you may unmark this checkbox and enter your MS SQL administrator credentials. The NetWrix USB Blocker Monitoring Console window opens (see Figure 3). The left panel shows a list of the managed computers, as follows: The name of the computer. Status of the USB Device Management Agent. Whether there are blocked USB devices on the computer or not. The right panel includes details about the selected computer: The top section shows details about the USB devices attached to the selected computer, including the device name, type, user who plugged the device in, state of access to the device, and reason for granting or blocking. The bottom section shows details about users logged on to the selected computer, the name and the type of logging. If the computers are marked with red icons on the first run, it is most likely that the USB Device Management Agent is not yet installed on the managed computers (usually it means that the managed computers have not yet been restarted) or no users are logged in. To fix this please restart the managed computers. Figure 3: NetWrix USB Blocker Monitoring Console window Page 11

Restart the managed computers if it has not been done. The new Group Policy Object will be applied to the managed computers and the USB Device Management Agent will be installed. The USB devices on your managed computers will then be blocked according to the configuration settings you specified. 3.3.4. Monitoring Console Access Rights In correspondence with IIS designation, there are two groups of users who have privileged rights: 1. NetWrix USB Blocker Admins allowed accessing all the parts of the site. It means that they can access USB Blocker Monitoring Console Administrative Portal and create/configure USB Blocker SQL database. 2. NetWrix USB Blocker Operators only allowed accessing USB Blocker Monitoring Console to watch managed computers statuses. These groups exist as local if the management server is not DC and as domain in the other case. By default the person installed the product belongs to the NetWrix USB Blocker Admins group. 4. Uninstalling the Product You can uninstall NetWrix USB Blocker using the MS Windows Add/Remove Programs wizard. Note: Product uninstall will cause the corresponding Group Policy Object to be deleted. Thus rebooting the managed computers will restore uncontrolled access to their USB ports. Beware, sometimes software installation policy application may be delayed until the next logon because of the enabled logon optimization for group policy, in this case it will take two reboots. 5. Contacting NetWrix Support If you have any questions, use NetWrix Support Forum to get required information. Page 12

6. Additional Software Links.Net Framework 3.5 is available at http://www.microsoft.com/downloads/details.aspx?familyid=333325fd-ae52-4e35- B531-508D977D32A6&displaylang=en.Net Framework 2.0 is available at http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=0856eacb- 4362-4b0d-8edd-aab15c5e04f5 or for 64-bit systems at http://www.microsoft.com/downloads/details.aspx?familyid=b44a0000-acf8-4fa1- AFFB-40E78D788B00&displaylang=en.Net Framework 1.1 is available at http://www.microsoft.com/downloads/details.aspx?familyid=262d25e3-f589-4842- 8157-034D1E7CF3A3&displaylang=en Microsoft Silverlight is available at http://www.microsoft.com/silverlight/getstarted/install/default.aspx Group Policy Management Console (GPMC) is available at http://www.microsoft.com/downloads/details.aspx?familyid=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887&displaylang=en Microsoft Remote Server Administration Tools (RSAT) is available for 32-bit systems at http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=9ff6e897-23ce-4a36-b7fc-d52065de9960&displaylang=en, or for 64-bit systems at http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=d647a60 B-63FD-4AC5-9243-BD3C497D2BC5 Microsoft SQL Server 2005 is available at http://www.microsoft.com/sqlserver/2005/en/us/express.aspx Page 13

7. About NetWrix Products Solutions developed by NetWrix Corporation help organizations to meet compliance standards, simplify identity management, and reduce IT infrastructure costs. The product line includes solutions for change management, identity management, virtualization, and Active Directory troubleshooting. NetWrix Active Directory Change Reporter reports the changes made to Active Directory and Group Policy and delivers detailed information on a daily basis. The report includes the 4 W s - Who, What, When, and Where - of all changes and includes before and after values for each and every setting. This report lists changes made to AD and Exchange configurations, Group Policy objects and setting modifications, and many more. NetWrix Password Manager product gives end users the ability to securely manage their passwords and resolve account lockout incidents in a self-service fashion without involvement of help desk personnel. NetWrix Account Lockout Examiner detects, diagnoses, and resolves account lockouts in real time to reduce administrative costs associated with manual resolution of account lockouts. Privileged Account Manager provides a secure facility for provisioning, accessing, automatic updating, and de-provisioning of shared administrative accounts, to enable centralized control and auditing of all shared accounts in organizations, from Active Directory and servers to routers and database systems. For more information, please visit www.netwrix.com or call our toll-free number: +1-888-638-9749. 8. Disclaimer The information in this publication is furnished for information use only, does not constitute a commitment from NetWrix Corporation of any features or functions discussed and is subject to change without notice. NetWrix Corporation assumes no responsibility or liability for any errors or inaccuracies that may appear in this publication. NetWrix is a registered trademark of NetWrix Corporation. The NetWrix logo and all other NetWrix product or service names and slogans are registered trademarks or trademarks of NetWrix Corporation. Active Directory is a trademark of Microsoft Corporation. All other trademarks and registered trademarks are property of their respective owners. 2010 NetWrix Corporation. All rights reserved. www.netwrix.com Page 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information