Listing of computers added to the Workgroups protection policy. Users can be added to the group via the product's user console or Active Directory/ Local Users management console. The structure of the user console is quite spartan so it is a piece of cake to customize specific devices for controlling purposes, as well as adding users to the precise groups.
group users by computer types (i.e. notebooks and desktops), or it will be better to control them when they are described by departments (marketing, tech support etc).
The most important part of the configuration process is setting up the protection policies. By default, GFI EndPointSecurity offers three policies: Servers, Workgroups and Laptops. These are, of course, just samples and it is simple to rename them or create your own.
Besides being a mechanism of control, GFI's product offers some versatile logging possibilities. When an action is triggered, the agent logs to a local event log, as well as to the SQL Server if the administrator enabled this option. The SQL logs can be read and exported in a number of ways, and the event logs can be inspected with different tools, the easiest of course being the Event Viewer.
I would recommend customizing this listing to the maximum, because when you start grouping your computers in these policies you will need to think about optimization. As every designated policy has its own set of rules, you need to plan on wether you will
The logging is working just fine, even in the occasion when a client computer is a notebook and it periodically gets disconnected from the network. All the device access protection procedures will still be active and all the events will be saved into a buffer.
www.insecuremag.com
23