Windows Server

Important DriveLock components to master

Encryption is another main feature of DriveLock that can help you secure sensitive information by enforcing encryption when data is copied to removable drives. You can use the DriveLock Full Disk Encryption option to encrypt hard disks, including the system partition and to perform pre-boot authentication with single sign-on to Windows. DriveLock can also erase sensitive data permanently and securely by overwriting data multiple times using one of several industry-standard algorithms.

You can install DriveLock from files downloaded from the DriveLock Web site. All DriveLock components are available as separate 32-bit and 64-bit Microsoft Installer (MSI) packages.
– The easiest way to install DriveLock components is by using the DriveLock Installer (DLSetup.exe). This program can check whether the most current installation packages for all components are already present and download missing packages from the Internet.

Before starting the installation, it is recommended that you decide which type of configuration you will be using to deploy DriveLock settings to clients because this will determine how you will deploy DriveLock Agents to client computers. The following configuration matrix can help you decide which of these methods is the most appropriate for your environment:

Like I said before, DES (The Enterprise service is not required for DriveLock to operate, but it lets administrators easily monitor all DriveLock operations and user activities in the entire organization)

https://www.ubm-global.com/downloads/drivelock/DriveLockInstallationGuide.pdf
https://www.ubm-global.com/site/assets/files/1165/drivelock_installation_guide.pdf

Step 1: Download and installation of DriveLock, see (How to download DriveLock software and install DriveLock).
Step 2: Setup a Server (How to perform DriveLock quick setup)

Note: When installing DriveLock, SQL Express is installed by default.
– For Enterprise Installation, MySQL is recommended.

Components of DriveLock to install: Ensure you pay a lot of attention to thee components.
1: Client Software (DriveLock Agent): Installation of the client software (the DriveLock Agent) and policy deployment can be achieved easily by using existing software deployment mechanisms or by using the Group Policy feature of Active Directory. Alternatively, you can distribute policies using configuration files for standalone computers or in environments without Active Directory.

The DriveLock Agent is the most important component of the DriveLock infrastructure. It implements and enforces your policy settings and must be installed on every computer where you want to control removable drives, devices, or other settings. The Agent is a lightweight Windows service that runs in the background and maintains control over hardware ports and interfaces and enforces your security policy. To prevent unauthorized access or bypassing the security settings, regular users can’t stop the service; only users who are specifically authorized by you can access and control the service.DriveLock Management Console: You use the DriveLock Management Console to configure the security settings for your clients, manage your environment, and access other DriveLock components. This console is a Microsoft Management Console (MMC) snap-in so you can easily integrate it into existing MMC console files that administrators may have already configured.

2: The DriveLock Management Console lets you create a local configuration for the computer the console is running on, to define configurations by creating and changing Active Directory Group Policy settings or to save your settings to a configuration file that you can import on another computer. You can also monitor the status of clients or access the DriveLock Agent on clients. You can use the Management Console to remotely unlock an Agent by accessing it remotely, or— if the Agent is not connected to a network— by creating an offline access code that a user can enter on the client computer.

3: DriveLock Control Center (DCC): Let you create dynamic reports and forensic analysis reports from events that were reported by DriveLock Agents data to a central server running the DriveLock Enterprise Service (DES).

You can use the DCC to monitor the use of mobile drives, devices, and data transfers in aggregate or in detail. The DCC includes the option to assign granular permissions for data queries and report creation.

The DCC also lets you monitor your current DriveLock Agent environment and view the status of clients. For example, you can identify computers that don’t have the Agent installed or that have not recently reported their status. If you use the Full Disk Encryption option, you can view the current status of the drive encryption (for example, “Not installed” or “Currently encrypting”).

The DriveLock Control Center (DCC) is the reporting console that enables administrators to view events that are stored in the DES and create reports from the event data.

The auditing capabilities of DriveLock, coupled with its file shadowing functionality give you the information you need to monitor and enforce policy compliance

4: The DriveLock Enterprise Service (DES) is a central component that consolidates all DriveLock events and Device Scanner results in a central database. Administrators can then use this data to create dynamic reports for auditing and management purposes.

This service is not required for DriveLock to operate, but it lets administrators easily monitor all DriveLock operations and user activities in the entire organization.

5: Linked DES Server: In large DriveLock deployments you can minimize the use of system resources and network bandwidth by linking DES servers. In a linked deployment, one or more DES servers at branch offices are running in the “Cache & Linked” mode. These servers collect events from DriveLock Agents but don’t write the events to the database. Instead, DES servers in Cache & Linked mode forward the event data in compressed form to a central DES server at preconfigured intervals. The central DES Server, which is running in the standard “Cache & Process” mode, is connected to a database server and writes the event data it receives from linked servers and clients to the DriveLock database.

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Advertisements
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x