Using WMI Scripts with BitDefender Client Security




Whitepaper

Copyright 2009 BitDefender

Table of Contents

1. Introduction
2. Key Benefits
3. Available WMI Script Templates
4. Operation
5. Examples
   5.1. Gathering Information about Client Workstations
   5.2. Application Control
   5.3. Increasing Your Network Security
Appendix. Description of WMI Script Templates

1. Introduction

BitDefender Client Security is a robust and easy-to-use business security and management solution, which delivers superior proactive protection from viruses, spyware, rootkits, spam, phishing and other malware.

BitDefender Client Security comprises several features for automated network management to provide maximum value to its customers. One such feature is support for Windows Management Instrumentation (WMI) scripting.

WMI is the Microsoft implementation of Web-Based Enterprise Management (WBEM), an initiative to establish standards for accessing and sharing management information in an enterprise network. WMI is WBEM-compliant and provides integrated support for Common Information Model (CIM), the data model describing the objects that exist in a management environment. Basically, WMI allows managing Windows workstations using scripts.

WMI scripts can be run only on workstations with WMI services installed. WMI is preinstalled in Windows Vista, Windows Server 2008, Windows Server 2003, Windows XP, Windows Me, and Windows 2000.

More Information: For more details on WMI, please refer to the Windows Management Instrumentation topic on the Microsoft Developer Network (MSDN) website.

Usually, the implementation and deployment of any fully customized automated solution is an extremely challenging and complex process. To avoid the time-consuming task of researching and developing WMI scripts, BitDefender Client Security offers you 40 predefined templates for scripting purposes.

BitDefender Client Security enables running WMI scripts on groups of network workstations and provides scheduling capabilities to reduce the administration effort and centralize results. Thus, IT administrators can perform network audit (gathering of hardware and system information from workstations) and administrative actions remotely.

Unlike other business security solutions that may include third-party software to provide WMI scripting support, BitDefender Client Security directly integrates WMI scripts into its management component, BitDefender Management Server. This results in a lower Total Cost of Ownership and a comprehensive and easy-to-use management solution.

2. Key Benefits

Several important benefits arise from using the WMI scripts implemented in BitDefender Management Server:

Reduced Network Administration Workload and Costs

- Saves IT administrators the time they would spend to learn about and develop WMI scripts by providing 40 predefined WMI script templates
- Reduces considerably the time spent on centralizing network audit information from all network workstations
- Enables network and security administration from a single interface through the use of the BitDefender Management Console
- Provides full automation by allowing WMI scripts to be run on groups of workstations (the Management Server integrates with Active Directory for easy and flexible group management)
- Enhances management capabilities and reduces the administration effort by allowing IT administrators to take action (remove software, restart, shutdown, log off) on network workstations remotely
- Helps reduce workstation downtime by assisting IT administrators in the troubleshooting process with preliminary information about the affected network workstations
- Helps maintain compliance with application use policies by enabling IT administrators to remotely control the applications installed and the processes running on the network workstations
- Helps make the network more secure by enabling IT administrators to remotely control the use of Windows autorun and USB storage devices in the network

Improved Network Visibility and Monitoring

- Allows performing network audit by gathering:
  - hardware information
  - system and software information
  - Windows user accounts information
  - disk and file system information
- Provides quick and easy access to information by centralizing the results of each script.

3. Available WMI Script Templates

BitDefender Client Security allows creating WMI scripts based on predefined WMI script templates. The following table displays all 40 WMI script templates currently available, grouped by their use:

Category: Administrative Actions (12 script templates)
Available script templates:
- Computer restart
- Computer shutdown
- Enable/Disable Autorun for All Drives
- Enable/Disable USB Mass Storage
- Install Windows Updates
- Kill Process
- Log off user
- Remote Desktop Connection
- Remove Software
- Run program
- Send message
- Windows Automatic Updating

Category: System and Software Information (13 script templates)
Available script templates:
- Operating System
- Get system info
- Get Last SP Installed
- Enumerate All Startup Programs
- Enumerate Startup Programs (MSI)
- List Installed Software (All)
- List Installed Software (MSI)
- List Hotfix
- Current Processes
- List Services
- List WMI Settings
- List startup info
- List startup menu

Category: Disk and File Systems Information (5 script templates)
Available script templates:
- Current Shares
- Free Disk Space
- List Logical Disk Info
- Enumerate memory
- Enumerate pagefile

Category: Windows User Accounts Information (4 script templates)
Available script templates:
- List current users
- List local users
- List Domain and Workgroup info
- List logon session info

Category: Hardware Information (6 script templates)
Available script templates:
- List CPU Info
- List MB (motherboard) Settings
- List Video Info
- List monitor settings
- List network adapter values
- List power management info

You can find a detailed description of each WMI script template in the appendix.

Operating System Restrictions

To run the following WMI scripts on Windows Server 2003 or 64-bit Windows operating systems, you must first install the Windows Installer Provider (MSI provider), as it does not come preinstalled on default installations.

- Enumerate startup programs (MSI)
- List installed software (MSI)
- Get system info

This provider is included on the Windows installation CD as an optional Windows component and can be installed using the Control Panel. For more information, please refer to the following topics on the Microsoft Developer Network (MSDN) website:

- Operating System Availability of WMI Components
- Windows Installer Provider

4. Operation

IT administrators create WMI scripts using the dedicated snap-in from the BitDefender Management Console.

[Figure: WMI Scripts Snap-In]

The WMI scripts can be run on any WMI-enabled workstation managed by BitDefender Management Server.

These are the stages of the script creation and execution process:

1. In the management console, the IT administrator creates a WMI script using the WMI script template appropriate to the task to be performed. In most cases, the script is created immediately, without having to configure any settings.
2. The IT administrator assigns the WMI script to run on specific client workstations or groups of client workstations. The script can be scheduled to run one time only or on a regular basis.
3. During the agent-server communication session, BitDefender Management Server sends the script request to the BitDefender Management Agent installed on the assigned client workstations.
4. BitDefender Management Agent runs the script immediately or as scheduled.
5. After the script is executed, BitDefender Management Agent sends the results to BitDefender Management Server.
6. The IT administrator can check the results in the management console.

The diagram below illustrates how WMI scripts operate in BitDefender Client Security.

[Figure: Operation Diagram]

5. Examples

Here are three examples of tasks that can be accomplished using the WMI scripts provided by BitDefender Client Security:

- Gathering Information about Client Workstations
- Application Control
- Making Your Network More Secure

5.1. Gathering Information about Client Workstations

WMI scripts can be successfully used in the troubleshooting process. The IT administrator can remotely run specific WMI scripts to obtain preliminary information about client workstations having issues. Based on this information, the IT administrator can better assess the problem and find potential quick fixes.

The Get system info script, for example, provides useful information about client workstations, such as:

- operating system information
- system name, model and manufacturer
- total RAM memory
- processor
- BIOS version

[Figure: Get System Info]

5.2. Application Control

A number of WMI scripts help maintain compliance with the organization's policies regarding the use of applications. Using only the BitDefender Management Console, the IT administrator can easily find out what software is installed on client workstations and remove undesired applications (only MSI-installed applications can be removed).

Step 1 - Verifying Installed Applications

To verify what applications are installed on client workstations, the IT administrator can use one of the following WMI scripts:

- The List Installed Software (MSI) script can be used to obtain the list of applications installed on client workstations with the Windows installer.
- The List Installed Software (All) script can be used to obtain the list of all the applications installed on client workstations, including all MSI-installed applications and the Microsoft and Windows updates.

Once the script is executed, the IT administrator can check the results in the Current WMI Scripts pane of the management console by double-clicking the script. The image below provides an example of such results for a client workstation.

[Figure: List Installed Software]

Other Useful Scripts

Two other scripts can provide additional information about the software installed on client workstations:

- List startup menu retrieves the applications that have shortcuts in the Start menu.
- Current Processes provides information about the processes currently running on client workstations.

Step 2 - Removing Installed Applications

If an application installed on a client workstation does not comply with the application use policies, it can be easily removed from the results section of the List Installed Software script. Here are a few examples of application types that can be removed remotely:

- antivirus
- chat
- VoIP
- multimedia
- games

Note: Only MSI-installed applications can be removed.

In order to remove an application, the IT administrator must go to the Installed programs tab.

[Figure: Installed Programs]

Two tables are displayed here:

- The left-side table displays all applications installed on the client workstations the script has run on.
- The right-side table displays all client workstations on which a selected application is installed.

It takes a few easy steps to remove an undesired application:

1. Select the application from the list.
2. To remove the application from all the workstations it is installed on, select the check box in the Client name column header. To remove it from specific workstations, only select the corresponding check boxes.
3. Select a restart option. A computer restart may be required to completely remove the selected application.
4. Click Uninstall and then OK to remove the application from the selected computers.

A Run program WMI script is automatically created and assigned to the selected computers so that the application is removed. Application removal will require no user intervention.

Once the script is executed, the IT administrator can check the results in the Current WMI Scripts pane by double-clicking the script.

[Figure: Run Program]

5.3. Increasing Your Network Security

Computer worms are increasingly using USB storage devices and the Windows autorun feature to spread through networks. This was the case with the recent Downadup worm, also known as Conficker or Kido, which is estimated to have infected millions of business network computers.

Note: Autorun enables automatic detection and reading of new media connected to the computer. Such media includes USB flash drives, network shares, CDs, DVDs and others. This Windows feature can be used to automatically execute malicious code as soon as an infected medium is connected to the computer.

To help IT administrators counter these network vulnerabilities, BitDefender Client Security provides the following WMI scripts:

- Enable/Disable Autorun for All Drives - to remotely control autorun for all drives on managed computers.
- Enable/Disable USB Mass Storage - to remotely allow or block the use of USB storage devices on managed computers.

IT administrators can run these WMI scripts on all managed computers to completely disable autorun and USB storage devices in the network. Afterwards, these WMI scripts can be run as needed to temporarily enable autorun and USB storage devices on specific managed computers or groups.
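To confirm that autorun and USB storage are actually disabled after such scripts have run, the settings can be read back over WMI. The script below is an added example, not BitDefender's template code: the whitepaper does not say which settings its templates change, so the check assumes the standard Windows registry values NoDriveTypeAutoRun and USBSTOR\Start, and the function names are hypothetical.

```powershell
# Added example (not BitDefender template code): audit autorun and USB storage
# settings through the WMI StdRegProv class. The registry paths and values are
# standard Windows settings assumed here; they are not named in the whitepaper.

$HKLM = [uint32]2147483650   # HKEY_LOCAL_MACHINE (0x80000002)

function Get-WmiRegistryDword {
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        [Parameter(Mandatory)] [string] $SubKey,
        [Parameter(Mandatory)] [string] $ValueName
    )
    $call = @{
        Namespace   = 'root/default'
        ClassName   = 'StdRegProv'
        MethodName  = 'GetDWORDValue'
        Arguments   = @{ hDefKey = $HKLM; sSubKeyName = $SubKey; sValueName = $ValueName }
        ErrorAction = 'Stop'
    }
    # The local machine is queried directly; remote machines go through WinRM.
    if ($ComputerName -notin @('.', 'localhost', $env:COMPUTERNAME)) {
        $call.ComputerName = $ComputerName
    }
    $result = Invoke-CimMethod @call
    # ReturnValue 0 = value read; non-zero = key or value missing, or access denied.
    if ($result.ReturnValue -eq 0) { return [uint32]$result.uValue }
    return $null
}

function Test-RemovableMediaPolicy {
    param([string[]] $ComputerName = @($env:COMPUTERNAME))

    foreach ($computer in $ComputerName) {
        $report = [ordered]@{
            Computer           = $computer
            NoDriveTypeAutoRun = $null
            AutorunDisabled    = $false
            UsbStorStart       = $null
            UsbStorageDisabled = $false
            Error              = $null
        }
        try {
            $autorun = Get-WmiRegistryDword -ComputerName $computer `
                -SubKey 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer' `
                -ValueName 'NoDriveTypeAutoRun'
            $usbstor = Get-WmiRegistryDword -ComputerName $computer `
                -SubKey 'SYSTEM\CurrentControlSet\Services\USBSTOR' `
                -ValueName 'Start'

            if ($null -ne $autorun) {
                $report.NoDriveTypeAutoRun = '0x{0:X2}' -f $autorun
                # 0xFF sets the bit for every drive type: autorun is off for all drives.
                $report.AutorunDisabled = (($autorun -band 0xFF) -eq 0xFF)
            }
            if ($null -ne $usbstor) {
                $report.UsbStorStart = $usbstor
                # Start = 4: USB mass storage driver disabled; 3: loaded on demand.
                $report.UsbStorageDisabled = ($usbstor -eq 4)
            }
        }
        catch {
            # Unreachable host or denied access: keep the row, record the reason.
            $report.Error = $_.Exception.Message
        }
        [pscustomobject]$report
    }
}

# Audits the local computer; pass -ComputerName with a list of hosts for a group.
Test-RemovableMediaPolicy | Format-Table -AutoSize
```

A missing value is reported as not disabled, because Windows then applies its default behaviour. Remote targets need WinRM enabled and an account with administrative rights on the workstation.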

Appendix. Description of WMI Script Templates

This appendix provides a detailed description of the available WMI script templates.

Computer restart
Restarts client workstations.

Computer shutdown
Shuts down client workstations.

Current Processes
Provides information on the processes currently running on client workstations.

Current Shares
Provides information about the existing shares on client workstations.

Enable/Disable Autorun for All Drives
Enables or disables the Windows Autorun feature for all drives on client workstations. Autorun enables automatic detection and reading of new media.

Enable/Disable USB Mass Storage
Enables or disables USB storage devices on client workstations. Such devices include USB memory sticks (flash pens) and mp3 players.

Enumerate All Startup Programs
Provides information about all the programs that run on client workstations at startup.

Enumerate memory
Provides the size of the physical (RAM) memory installed in client workstations.

Enumerate pagefile
Provides information about the virtual memory (the page file) available on client workstations. This includes:
- the location and size of the page file
- the initial and the maximum size

Enumerate Startup Programs (MSI)
Provides information about the programs installed using the Windows installer that run on client workstations at startup.

Free Disk Space
Provides the list of the logical disks on client workstations and the available disk space on each of them.

Get Last SP Installed
Provides the version of the Windows Service Pack installed on client workstations.

Get system info
Provides useful information about client workstations. This includes:
- operating system information
- system name, model and manufacturer
- total RAM memory
- processor
- BIOS version

Install Windows Updates
Helps you identify the Windows updates available for client workstations and install all or specific Windows updates on client workstations.

Kill Process
Ends a specific process running on client workstations. The Current Processes script can be used to obtain the list of running processes.

List CPU Info
Provides various information about the processor of client workstations. This includes:
- processor name and ID
- description
- manufacturer
- clock speed

List current users
Lists the users currently logged on to client workstations.

List Domain and Workgroup info
Provides information on the domain or workgroup client workstations are part of.

List Hotfix
Provides information about the Microsoft and Windows hotfixes installed on client workstations.

List Installed Software (All)
Provides the list of all software and Microsoft and Windows updates installed on client workstations. An uninstall command line is provided for each application or update installed with the Windows installer. You can remove an application using this command line with a Run Program script.

List Installed Software (MSI)
Provides the list of software installed on client workstations with the Windows installer. An uninstall command line is provided for each application. You can remove an application using this command line with a Run Program script.

List local users
Provides information about the local Windows user accounts configured on client workstations.

List Logical Disk Info
Provides information about the logical disks (floppy drive, hard-disk drives, CD-ROM drive etc.) on client workstations. This includes:
- name (label)
- description
- free disk space
- size

List logon session info
Provides information regarding the logon session on client workstations.

List MB Settings
Provides information about the motherboard of client workstations. This includes:
- name
- manufacturer
- serial number

List monitor settings
Provides information about the monitor of client workstations. This includes:
- monitor type
- manufacturer
- physical dimensions

List network adapter values
Provides detailed information about the network adapters installed in client workstations. This includes:
- adapter type
- manufacturer
- MAC and network address

List power management info
Provides power management information about client workstations.

List Services
Provides various information regarding the services running on client workstations. This includes:
- service name and display name
- state (stopped / running)
- start mode (automatic / manual / disabled)
- description

List startup info
Provides information on the startup of client workstations.

List startup menu
Lists the program shortcuts from the Start menu of client workstations. The entries are grouped by user.

List Video Info
Provides various information regarding the video display of client workstations. This includes:
- video adapter name and type
- graphics memory
- resolution
- driver name and version
- minimum and maximum refresh rates

List WMI Settings
Provides information about the WMI settings of client workstations.

Log off user
Logs off the current user logged on to client workstations.

Operating System
Provides useful information about the operating system running on client workstations. This includes:
- operating system and version
- registered user
- serial number
- installation time

Remote Desktop Connection
Changes the Windows settings on client workstations in order to allow or block incoming remote connections through Remote Desktop Connection.

Remove Software
Removes a specific application installed on client workstations. The script can be used to remove any application that appears in the Add or Remove Programs applet in the Control Panel.

Run program
Runs a specific application on client workstations. The application can be located on the target workstation or on the local machine (where the BitDefender Management Console is installed).

Send message
Sends a message to the user logged on client workstations. For Windows 2000 workstations, the script uses the net send command and requires the Messenger service to be started (default setting). For other Windows workstations, the script uses the msg command and requires the Terminal Services service to be started (default setting).

Windows Automatic Updating
Configures Windows Automatic Updates on client workstations. Windows Automatic Updates helps users keep their operating system up-to-date.