preEmpt Enterprise Desktop Edition
preEmpt Enterprise Desktop Edition represents an enhancement to our desktop security product, preEmpt Home. Please click here for a general overview of preEmpt Home.
preEmpt Enterprise Desktop Edition can be installed with or without the Management Console. This provides real world flexibility where fully uniform desktops across the enterprise are the exception. Each desktop will receive the latest preEmpt hardening solutions regardless of what mix of networking/Microsoft OS technologies are in place.
preEmpt Management Console
The Management Console version of preEmpt differs from the Desktop and Server versions of the product in the following ways:
- The management console version includes an additional button in the preEmpt user interface that seamlessly launches the Windows Server Active Directory Users and Computers console for machines that have the Active Directory snap-ins installed.
- Active Directory templates are included to quickly build group policies for enterprise deployment and management of settings, such as which fixes are active for any given workstation or group of workstations.
For System Administrators, the management console version allows preEmpt to be managed independent of any local policy settings that are otherwise created for users across the enterprise.
When using Windows 2000 and later versions, preEmpt options are displayed directly in the MMC explorer and list windows.
Local Update Server
Enterprises have the option of deploying a Local Update Server to support updating of desktops from within their own networks and not using public internet secure broadcasts to perform fix and application updates.
Extensive summary and detail reporting is available through our Reporting module. Review your complete deployment from a simple dashboard or drill down into the specifics of fix deployment at the desktop level. The intuitive web interface and easy setup provides the Enterprise deployment with reporting options to add to existing compliance suites.
The General Options Group provides control over the runtime behavior of the preEmpt service. Each of the options below can be individually configured for different user groups within your organization.
Force System Protection
This policy allows administrators to forcibly enable or disable preEmpt protection on client computers. If this policy is configured, users will not be able to disable or enable protection manually.
This policy allows administrators to control the logging information produced by preEmpt clients. Logs are recorded both in a text file and in the Windows NT Application Event Log, where applicable.
This policy allows administrator to control how preEmpt clients update themselves automatically. Configurable features within Automatic Updates include:
- Seconds between update checks; this defaults to every six hours
- Whether or not updates are automatically applied
This policy allows administrators to control when and how preEmpt is allowed to restart client computers. preEmpt will only restart a system when a security update requires doing so. Configurable options include:
- Whether preEmpt is allowed to reboot the system if no users are logged in
- Whether preEmpt must reboot the system if no users are logged in
Any delay before rebooting
User Interface Options
The user interface options group provides control over the display of the preEmpt user interface and which tasks the user can perform.
Force User Interface Visibility
This policy allows administrators to control whether or not the preEmpt user interface appears on client computers. This is often used to completely hide the preEmpt user interface including the system tray icon. Besides protecting the computer from new worms, viruses and other malware, many organizations find that making preEmpt invisible to desktop users reduces their costs by eliminating help desk calls that typically occur with any new desktop application.
This policy allows administrators to control the appearance of the preEmpt user interface. The Appearance option allows IT administrators to control:
- Whether the main preEmpt UI can be displayed
- Whether the preEmpt system tray icon is displayed
- Whether the preEmpt system tray icon can display it"s context (right-click) menu
- Whether the main preEmpt user interface can be resized
- Whether detailed dialog messages are displayed in the event of an error
Degree of User Control
This policy allows administrators to control the actions that users can perform using the preEmpt user interface. A few examples for this feature include:
- Whether users can shut down the user interface
- Whether users can manually update preEmpt
- Whether users can enable or disable individual security fixes
- Whether users can configure general options
- Whether users can manually enable or disable preEmpt
The security options group provides a way to control which security fixes are applied on a computer. Security group options are all on / off type options which are enabled (on) by default. (A sample screen layout showing Fixes and the ability to control their activity is presented here):