2012年1月31日火曜日

How To Reinstall .dll File

how to reinstall .dll file

Application whitelisting for virtual desktops

VDI vendors such as Citrix Systems and Ceedo now support User Installed Applications for virtual desktops.

While end users welcome the ability to install applications directly to their virtual desktops, User Installed Apps can be big problems for IT pros.

Let's consider some of the reasons why allowing users to install their own applications is a bad idea and how you can prevent some potential issues.

Why User Installed Apps is a bad idea
There are a number of reasons why users installing their own applications onto virtual desktops is troublesome. For starters, an organization is legally responsible for licensing any software that runs on its systems. If a user installs an unauthorized application, the organization is responsible for licensing that application.

Another problem with giving users the ability to install software is that doing so increases the chances of a malware infestation. Even if a user does not intentionally install an infected application, the chances that a malicious email attachment or a drive-by download infecting the virtual desktop increases.


PDF Converter Pro 6.0 [OLD VERSION]
Learn more

A third reason why it is a bad idea to let users install their own wares is that in a VDI environment, resource consumption is a major issue. All of the virtual desktops share a finite pool of physical hardware resources. Authorized applications are tested to ensure that they do not consume excessive CPU cycles, disk I/O or network bandwidth. A rogue application

can upset the delicate balance of hardware provisioning that is in place.

Finally, unauthorized applications increase support costs. If the helpdesk has to troubleshoot a problem with a virtual desktop, they make certain assumptions based on the way that the virtual desktop is known to be configured. An unauthorized application might replace DLL files or make registry changes that cause problems with other applications. The helpdesk technician might not immediately spot these problems because they are initially unaware of the unauthorized application's existence.


Preventing User Installed Applications
You can easily prevent users from installing unauthorized applications by simply tightening the NTFS permissions on the virtual desktops, but this does little to prevent the spread of malware. After all, there are some operating systems folders for which the user must have write permissions for the operating system to work correctly (such as the Internet Explorer cache). Malware authors often exploit such weaknesses in the operating system.

Tightening NTFS permissions also does nothing to prevent users from running applications that do not require installation. For example, right now I have a screen capture application open on my desktop that does not require installation -- it can be run from a flash drive or from any other form of removable media. An end user could easily use such an application to leak sensitive data.

If your virtual desktops run Windows 7, you can prevent users from installing or running unauthorized applications through the use of Microsoft AppLocker. AppLocker is a feature that is built into Windows 7 to control which files users are allowed to execute.


An administrator can specify the applications that users are and are not allowed to run through AppLocker policies. For instance, an admin might choose to block a specific file based on the executable's hash, or they might want to allow any digitally signed application from a trusted publisher.

Although AppLocker prevents users from installing or running unauthorized applications, managing AppLocker in a VDI environment can be difficult. Virtual desktops evolve over time as new versions of applications and software patches are applied. That means IT has to create corresponding rules in AppLocker to prevent patches and upgrades from being blocked. Many administrators have found that the current version of AppLocker is simply too ridged to function efficiently in a highly dynamic environment.

In addition to AppLocker, there are several third-party products available for application whitelisting. One option is Parity from Bit9. I have worked with Parity for several years and can personally attest to the fact that it works really well.

Another product is Bouncer from CoreTrace. I have never actually used Bouncer before, but have read good things about it. Both Parity and Bouncer provide more granular control over the application whitelisting process than what is available through AppLocker.

Read more from Brien M. Posey


ABOUT THE AUTHOR:
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies.

Dig Deeper

  • People who read this also read...

This was first published in January 2012



These are our most popular posts: how to reinstall .dll file

Windows How-to Guide: QtWebKit4.dll DLL File and How to Fix ...

If the downloaded OggSplitter.dll file cant work properly on your computer, then you can consider reinstalling the program that generates the error. This may help solve the problem if you have just installed a program, or you ... read more

DLL Not Found – How to Fix .dll Missing Problems Quickly ...

This web log provides effective technical support about errors report pertaining to Qt QtWebKit4.dll errors removal. read more

how to fix missing file DLL extensions

You need to fix Netevent. Dll Not Found". The first step to restore the Dll file. Also when you are able to repair the various applications and Windows called the DLL files on your system. The problem whereas a completely ... read more

How To Fix Hpsamd.sys Errors

Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!Welcome to WordPress. This is your ... read more

Related Posts



0 コメント:

コメントを投稿