logo

Log In

[templated item][templated item][templated item][templated item]
Partners

Products | Policy Management

Try/Evaluate Product Demo Contact Us

Systems Management
What’s New


Resources
White Paper
Webcasts
Use Cases
Product Demo
Trial Evaluation
 ... more



Policy Management

OverviewBenefitsFeaturesResources

Policy Management: Automating Compliance Policies

An effective privilege management tool allows policies to be designed and enforced in a way that achieves the objectives of the company without creating unnecessary restrictions on the end user. This type of customization capability requires granular application-level enforcement and control on each individual desktop, with enough intelligence built-in so that the IT management process is automated and simplified as much as possible. For example, applications can be white listed by time slot whereby enabling/disabling access to certain applications during working hours or weekends.

126 second video clip Try It Free
Migrating to Windows 7? Thinking about Locking Down Your Desktops? Do it the right way.

Flexible Implementation Methodologies

Viewfinity Privilege Management can be implemented through our SaaS/Cloud platform or via your on-premise servers as a private cloud, or as an extension to Group Policy, enabling policies to be managed through the standard Group Policy Management tools.

Discover Desktops with Administrator Rights

The Viewfinity Local Admin Discovery is a free tool that allows you to discover user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain. Learn more about this tool and how to download it.

Setting up policies is easy. Our intuitive wizard-based interface allows you to configure multi-dimensional policies based upon any combination of groupings, including:

  • Applications
  • Departments
  • Active Directory User/Group
  • Connectivity Status (on/off corporate network)
  • Time of Day

Policies are completely automated, for example, when one user is moved into a different group, the policy settings for that group are immediately effective and enforced for that user's logon credentials.

Viewfinity's Privilege Management features provide application-level control and policy customization on the desktop. Many policies that formerly required complete lockdown can now be enforced without creating excessive limitations on the end user machine.

Try it now for 14 days. In four easy steps and in less than ten minutes, the software can be installed and ready for evaluation.

Customize Control of Your Environment

Scripts:
In addition to the built-in capabilities that are available, IT administrators may develop custom scripts to control various aspects of their desktop environment.

Policy Export/Import:
Viewfinity provides the ability to import and/or export policies, in XML format, for backup and other purposes. The import/export functionality is ideal for pilot programs where policies are setup in a test environment and once the testing is completed, the proven policies can be exported into a production environment.

Custom Policy Groups:
When managing a vast number of policies, it’s important to organize them in some logical manner. We offer the option to create custom groups for policies and organize them by criteria such as location, department, job function, and more. For example, a custom policy group can be created to manage policies for mobile employees or for everyone in the finance group. However your organization is structured, groups can be created to mirror that model.

Application Groups:
Policies can be enforced on a single application, executable or a group of applications. By enforcing policies on a group of applications, administrators can significantly reduce the number of required policies. For example, you can create an application group that blocks applications related to “Peer to Peer clients” and include in this group any application which falls into this category. Viewfinity automatically collects software inventory information from all computers -- there is no need for administrators to collect information on executables that they want to block. Simply open the global software inventory list, build an application group, and apply policy Block or Elevate to the application group. By applying a policy to a group of applications instead of establishing individual policies for applications, the number of policies can be kept at a minimum.

Policy Scheduling, Immediate Updates and Setting Policy Expiration Dates:
In general polices updates take place immediately, assuming there is connectivity between the client and server. In some cases an administrator may want to schedule activation/updates for policies, which can be done via the Viewfinity console. However, if an administrator or client wants to apply policy updates immediately without waiting for the prescheduled policy update time, an Administrator can force a policy update. Also, a client can force a policy update from his/her PC.

Viewfinity provides several activation/deactivation options for managing policies, requiring less manual intervention when maintaining policies. For example, when a remote worker requires access to install a local printer or ActiveX control from a specific vendor site, the Administrator can create a policy that is active for the next 24 hours only. When the 24 hour period expires the policy deactivates itself automatically. In addition, policies can be made location aware. For example, a policy is created to Block an application based on the end-user’s connection location. In this example the application will run if they are connected from within the corporate network but blocked if outside the firewall.

Display Customized Messages to End Users
Viewfinity allows organizations to customize the messages that are displayed to end users related to policy execution, Policy Automation or upon access to an end user’s activity recording journal, screen capture and Remote Terminal.

Policy Templates:
Viewfinity provides a number of policy templates to help you with your initial testing and policy creation. Using one of our predefined templates, simply edit the policy to meet your needs and assign it to a specific computer, user or group. Example templates include: allow ActiveX installations, Block Applications, Run applications with elevated permissions, Run Administrative Tasks with elevated permissions, as well as many others.

Viewfinity Support for Delegated Security

Viewfinity products provide delegated management control to support the needs of your various IT roles and staff members. The primary Viewfinity Administrator account has authorization to manage all computers in the organization. This primary account can create separate computer subsets based on departments, regions, and other criteria and assign management control of these subsets to specific individuals. Each subset administrator can deploy agents, apply policies, and report on computers which fall under his/her management.

Viewfinity supports two levels of system management accounts. Full control system management accounts have complete access to product features such as the ability to create, stop, start, and modify policies; deploy agents and monitor activity. Read only accounts are targeted for subset administrators which require “review only access” including activities such as viewing reports and monitoring policy and asset management reports, reviewing computer connectivity status, etc.

 













Privilege Management Site
Next Steps
BrochuresWhite PapersHow It WorksContact Me
Products