DriveLock is a lightweight software solution that helps you secure your desktop computers. It has a Multilingual User Interface (MUI), allowing you to select the desired language during installation or when running the program. DriveLock offers dynamic, configurable access control for mobile drives (floppy disk drives, CD-ROM drives, USB memory sticks, etc.). Please see the Concept of DriveLock with a focus on Encryption and also see how to perform DriveLock quick setup, and the concept-drivelock-with-a-focus-on-encryption.
Below is an architecture of DriveLock (Encryption software): Encryption is another main feature of DriveLock that can help you secure sensitive information by enforcing encryption when data is copied to removable drives.
You can use the DriveLock Full Disk Encryption option to encrypt hard disks, including the system partition and to perform pre-boot authentication with single sign-on to Windows or with the DriveLock Encryption-2-Go (Container-based Encryption).
With this architecture, we can determine the various components we are going to install. Click on the DriveLock setup as shown below. This is the easiest way to install DriveLock components by using the DriveLock Installer (DLSetup.exe). This program can check whether the most current installation packages for all components are already present and if not, it will download the missing packages from the Internet. The DriveLock Installer runs both on 32-bit and 64-bit computers
Double click on the extracted DLSetup.exe file as shown below
This will open up the DriveLock installation wizard as shown below.
– Note: Here you have the option to change the language as well.
– Click on Next
– This will prompt the end user license agreement
– Click on the “I accept the terms in the license Agreement”
– Click on Next
I will be installing the following DriveLock components as shown below.
– Management console
– Control Center
– Agent (includes all components)
Note: For an Enterprise installation, I will not have selected the "MsSQL Server Express" Since, this is been demonstrated in a test environment, I will be select the "MsSQL Server Express"
-I have decided to install the Enterprise service on a later time and this will be done in step 3 below. If you do not want to perform step 3 below, PLEASE select the Enterprise Service. Download the image below for more details.
This Enterprise service is not required for DriveLock to operate, but it lets administrators easily monitor all DriveLock operations and user activities in the entire organization.
– Click on Next,
This will list the DriveLock components that will be installed.
This will continue with the DriveLock installation as shown below
– When this completes, you will be able to click on next.
As you can see above, other installation packages are downloaded as well.
When this completes, it will continue with the installation and install all the needed components itself as shown below
When this installation is complete, DriveLock will prompt a window showing “installation is successful” as shown below.
– Click on Finish
This steps completes the installation.
Step 2 – DriveLock Quickstart Setup configuration: The screenshot below will be prompted to perform DriveLock quick setup as shown below.
We will return to this step after completing step 3 (installing Enterprise Service). This is one of the prerequisites to run the DriveLock Quickstart setup. For more information on this step, see the following link.
– Click on Next
Next, you are prompted to enter a server name and port (You can make use of the default port if it does not conflict with your system).
Because I do not have the DriveLock Enterprise Service (DES) installed, I cannot continue with the above process (step 2). I wanted to have it installed separately.
At this point, you can access all DriveLock application on your PC. This is because Enterprise Service is not required for DriveLock to operate, but it allows administrators to easily monitor all DriveLock operations and user activities in the entire organization.
For more information about the available tools for DriveLock Encryption 2-Go and DriveLock File Protection, see below.
Step 3 – Install the Enterprise Service: This is a central component that consolidates all DriveLock events and Device Scanner results in a central database. Administrators can then use this data to create dynamic reports for auditing and management purposes.
Like I said previously, the Enterprise service is not required for DriveLock to operate, but it lets administrators easily monitor all DriveLock operations and user activities in the entire organisation. Because of this, I will proceed with the installation of Enterprise Service as shown below.
Install the Enterprise Service: Here the MsSQL is supposed to be installed in this step but since it has been installed previously, it will be ignored.
– Click on the DriveLock setup once more
When you click on finish, this will prompt the following windows below to continue with the installation of DriveLock Enterprise (DES).
– Click on Next and
– Select on the “I accept the terms in the license Agreement”
This will display a service Account information window
– You can click on “Browse” in order to select an Active Directory Object
Enter the username and password in the samAccountName format
– Click on Next
Since, I do not have a certificate and this is a test environment
– I will select the self signed certificate option as shown below
– Click on install to the DriveLock Enterprise service installation
The following screenshoot below, shows that the DriveLock Enterprise service has been installed correctly.
when the DriveLock Enterprise service installation completes, you will be prompted with the image below to continue "DriveLock Database Installation Wizard" in order to setup your service mode for your DriveLock.
– Note: We also have the MsSQL express installed already.
Walk through the steps by clicking on next as shown below.
Select an option for the DES role
– Since, this is the only server, I will be selecting the first option as shown below “Central DriveLock Enterprise Service (default).
Note: I did not select the Linked DES Servers. This is required in large DriveLock deployments you can minimise the use of system resources and network bandwidth by linking DES servers. In a linked deployment, one or more DES servers at branch offices are running in “Cache & Linked” mode.
These servers collect events from DriveLock Agents but don’t write the events to the database. Instead DES servers in Cache & Linked mode forward the event data in compressed form to a central DES server at preconfigured intervals. The central DES Server, which is running in the standard “Cache & Process” mode, is connected to a database server
and writes the event data it receives from linked servers and clients to the DriveLock database.
– Select “Check /Update an existing DriveLock Database
– Enter the server in the form of samAccountName and
– Click on test connection.
If this display the green ok icon as shown below with a connection test detected, click on Next.
On the setup accounts, select the account that will be used to configure theDriveLock Control Center Administrator and DriveLock Management Console Administrator as shown below.
Below is a summary of the DriveLock Database installation.
This will process actions as shown below by executing built-in scripts and create a database as shown in the images below.
Below, the SchemaRelation is being created.
Note: Do not interrupts this action, you can view the logs, this process is very slow as you can see below
The image below shows that the DriveLock database. Please also take note of the messages (logs) displayed below.
Next, setup the database maintenance as shown below. Here is a test environment and these values are okay with me for testing purpose.
– Enable the database maintenance and set the number of days the event will be deleted.
The image below, shows the completion of the Database installation.
– Click on Finish
Step 4 – Configure the DriveLock Management Console to connect With the Enterprise Service: Launch the DriveLock Management Console as shown below
Here, you are configuring how driveLock with connect to your central infrastructure (DriveLock Enterprise Service)
– Accept the certificate by clicking on “Yes”
– Click on use DriveLock Enterprise Service as shown above.
– Click on Next
– Select how DriveLock checks for updates, here I will select never to check for updates since I am only testing this for a period of one month.
Note: Never use this option in your production environment.
– Click on finish as shown below to complete the driveLock connection with your central infrastructure (DriveLock Enterprise Service).
Next, launch the DriveLock Management Console, the console interface is now available to create a local configuration for the computer the console is running on.
Step 5 – Launch the DriveLock Control Center. When you launch this from the start menu as shown below. This will connect to the DriveLock Enterprise Service as shown below
When the connection is complete, the DriveLock Control Center Application opens up as shown below. Now, you can create dynamic and forensic analysis reports from events that were reported by DriveLock Agents data to a central server running the DriveLock Enterprise Service (DES).
Below is the path for DriveLock Center Tool
Now, your installation is complete. See this guide in order to perform a quick DriveLock post configuration (Quick setup).
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.