Virtual CD-Rom/Temporary Access/Sheduling
|
Logged in as: Guest
|
|
Users viewing this topic:
none
|
|
Login  | |
|
Virtual CD-Rom/Temporary Access/Sheduling - 12.Feb.2009 2:10:25 AM
|
|
|
Marfa
Posts: 17
Joined: 4.Feb.2009
From: Russia
Status: offline
|
1. GFI ESEC doesn't allow to start virtual cd-rom program driver (Daemon Tools or Alchocol 120%) so I'm not able to add virtual cd-rom to exclusions.
2. When I granted Temp. Access for 3 or more hours it runs out before this time. And user should generate new request code and etc.
3. There's one PC where devices should be blocked three days in a week. So I need to uninstall/deploy agent constantly 'cause I'cant schedule it.
Is there any solutions of my problems?
PS. Sorry for my english
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 16.Feb.2009 4:37:18 AM
|
|
|
Zolll
Posts: 236
Joined: 15.Jun.2005
Status: offline
|
Hi Marfa,
First of all thank you for pointing out these issues.
1. Virtual CD-ROM programs and many CD/DVD writer applications use the so called SPTD driver (SCSI Pass-Thrugh Direct layer) to simulate / write on device. In order we can block such virtual devices, we have to block completely this driver, for every user. If you wish to allow usage of such virtual devices on computers that are protected by the GFI ESEC agent, you can:
- Configure the CD-ROM devices as not being controlled by ESEC or
- Configure that everyone has access to the CD-ROM devices
2. Can you give us some more details on this please? How much earlier does your temporary access run out? It would be very useful if we could take a look on the debug logs from the agent - can you escalate this issue to the ESEC support please?
3. Scheduling of protection policies is not implemented yet. We will consider it as a feature request for the next version. However, to ease your work and in order not to uninstall the agents, you can do the following:
Create two protection policies - one that will apply for those 3 days in which you wish to block the devices on the agents and one that will be used on other days. When these 3 days run out, you can easily move the agents to the second protection policy.
I hope this helps ... if you need some more help, please let me know.
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 17.Feb.2009 3:08:22 AM
|
|
|
Marfa
Posts: 17
Joined: 4.Feb.2009
From: Russia
Status: offline
|
2. It runs out in 2-2,3 hours after unlock. For example, I give access 4 or 6 hours but it always runs aout after 2-2,3 hours
DebugLog is here (Computer name is Lulchak): http://file.qip.ru/file/76285058/b2678eb8/DebugLogs.html
or Marfa.zip @ your FTP
And I've found problem #4: ESEC can't check for updates behind proxy with authentication
< Message edited by Marfa -- 17.Feb.2009 5:00:45 AM >
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 18.Feb.2009 4:17:40 AM
|
|
|
Zolll
Posts: 236
Joined: 15.Jun.2005
Status: offline
|
Hi Marfa,
Thanks for the debug logs. I have checked them out and determined that the reason why temporary access stops earlier is because you have different date/time (most probably different time zones configured) on your server and agent machine. Please note that we use UTC date/times everywhere in order to minimize time zone difference problems. Try setting the same time zone on both machines or increment the end time of your temporary access key with 1 hour, since there is a 1-hour difference between the two machines.
Related to issue #4, ESEC uses the network settings configured in internet explorer, this is the way most windows applications do. Since IE does not offer entering credentials for proxy with authentication, there is no way we can connect to the internet from our application. Try not to use proxy or use one without authentication.
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 18.Feb.2009 5:21:36 AM
|
|
|
Marfa
Posts: 17
Joined: 4.Feb.2009
From: Russia
Status: offline
|
Thaks for support, I'll check it out tomorrow
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 19.Feb.2009 3:37:56 AM
|
|
|
Marfa
Posts: 17
Joined: 4.Feb.2009
From: Russia
Status: offline
|
nope, there's absolutely same time zones and etc...
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 25.Feb.2009 12:24:04 PM
|
|
|
Marfa
Posts: 17
Joined: 4.Feb.2009
From: Russia
Status: offline
|
Это было решение для третьей проблемы
а с алкоголями никак, только доступ к сидиромам открывать... хотя, как вариант... можно попробовать дать полный доступ к сидиромам, но в Black List внести все физические сидюки. Это я щас придумал, завтра попробовать надо бы...
< Message edited by Marfa -- 25.Feb.2009 12:25:25 PM >
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 27.Feb.2009 10:18:37 AM
|
|
|
Zolll
Posts: 236
Joined: 15.Jun.2005
Status: offline
|
Jet: As far as you are controlling any CD-rom device, daemon tools or similar applications will not be able to load the SPTD driver, that is why you are getting the error messages.
Marfa: I'm glad you managed to fix the issue. It was clear that something was incorrect with the date/time on both of the machines, since from the debug logs i could see that there was a one-hour difference.
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 13.Oct.2009 6:21:50 AM
|
|
|
Voyager__69
Posts: 13
Joined: 19.May2008
From: Ukraine
Status: offline
|
Understood not possible to solve Daemon Tools problem.
Trying to allow CD for all, I deleted CD/DVD from the list of control device. However on controled machines still can't run Daemon tools! Full unninstal only help. Please advice how allow CD to all? Ridiculous to install/uninstall all the time...
Thanks,
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 13.Oct.2009 8:14:46 AM
|
|
|
Zolll
Posts: 236
Joined: 15.Jun.2005
Status: offline
|
Voyager,
If you don't control ANY CD/DVD drives in your protection policy, EndPointSecurity agent will not block the SPTD driver used by several virtual-drive emultading software (such as Daemon Tools or Alcohol), meaning that these application will work well in this case.
I hope this helps.
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 14.Oct.2009 7:39:28 AM
|
|
|
Voyager__69
Posts: 13
Joined: 19.May2008
From: Ukraine
Status: offline
|
I also expect so... but in fact: CD/DVD contol disabled - Damon can't start (same error above), after deleting GFI from machine - no problem! Mystic.
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 14.Oct.2009 8:16:35 AM
|
|
|
Zolll
Posts: 236
Joined: 15.Jun.2005
Status: offline
|
Voyager,
Could you please tell me what OS are you having on the machines with the Daemon Tools problem, whether you are using the latest EndPointSecurity build and what version of Daemon Tools you are using. We will have to try to reproduce this in house, let's see if for some reason we could block the SPD driver ...
Thanks!
|
|
|
|
|
RE: Virtual CD-Rom/Temporary Access/Sheduling - 14.Oct.2009 9:34:12 AM
|
|
|
Voyager__69
Posts: 13
Joined: 19.May2008
From: Ukraine
Status: offline
|
Easy. OS on all machines Windows XP SP3. EPS ver. 4.0.20071121 (looks not latest), Daemon tools Lite 4.30.4.0027. In network exist AD on Win2003, but not controlled from EPS. Thanks.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Printable Version
Among other things, DT said it was "not possible to load the driver" and/or "need to disable the debugger".