The Full Wiki



More info on Deep Freeze (software)

Deep Freeze (software): Wikis
  

Note: Many of our articles have direct quotes from sources you can cite, within the Wikipedia article! This article doesn't yet, but we're working on it! See more info or our list of citable articles.

Encyclopedia

Updated live from Wikipedia, last check: June 01, 2012 00:11 UTC (38 seconds ago)

From Wikipedia, the free encyclopedia

Deep Freeze, by Faronics, is an application available for the Microsoft Windows, Mac OS X, and SUSE Linux operating systems which allows system administrators to protect the core operating system and configuration files on a workstation or server by restoring a computer back to its original configuration each time the computer restarts.[1]

Contents

Operation

Deep Freeze is a kernel-level driver that protects hard drive integrity by redirecting information being written to the hard drive or partition, leaving the original data intact. This redirected information is no longer referenced once the computer is restarted, thus restoring the system to its original state at the disk sector level. This allows users to make 'virtual' changes to the system, giving them the appearance that they can modify core files or even delete them, and even make the system unusable to themselves, but upon reboot the originally configured 'frozen' state of the operating system is restored.

To make changes, a system administrator must 'thaw' the protected partition by disabling Deep Freeze, make any needed changes, and then 'freeze' it again by re-enabling Deep Freeze. These changes become part of the protected partition and will be maintained after restarts. 'Freezing' and 'thawing' can be done at the workstation level or remotely via the Deep Freeze Enterprise Console.

Deep Freeze can also protect a computer from harmful malware as it automatically deletes downloaded files when the computer is restarted.

Limitations and security

Deep Freeze only protects workstations in a "fresh-booted" state. That is, Deep Freeze prevents permanent tampering with protected hard drives/partitions across reboots, but user activity between restarts is not limited by the program. For example, Deep Freeze does not prevent application installation; a user could install a modified version of a Web browser (but seemingly harmless to the unknowing user) designed to secretly send users' passwords to a server connected to the Internet. As a workaround, Deep Freeze can be configured to restart after user logout, shutdown after a chosen period of inactivity, or restart/shutdown at a scheduled time in an attempt to ensure that no such installations are retained (as rebooting the system returns the system to its original, unmodified state).

Deep Freeze cannot protect the operating system and hard drive upon which it is installed if the computer is booted from another medium (such as an external hard drive, a USB device, optical media, or network server), or where the total volume of drives in the system is over 2 TBs[2]. In such cases, a user would have real access to the contents of the (supposedly) frozen system. On a Windows-based computer, this scenario may be prevented by configuring the CMOS on the workstation to boot only to the hard drive to be protected and by then password protecting the CMOS. This is a normal precaution for most public access computers.

References

  1. ^ Faronics Deep Freeze product page
  2. ^ Deep Freeze Standard v 6.61.20.2822

External links





Deep Freeze is a "reboot to restore" piece of computer software created by the Faronics software company from North America.

Operating Systems



Deep Freeze is compatible with many of the versions of Microsoft's Windows Operating Systems - including Windows 95, Windows 98, Windows ME, Windows 2000 and Windows XP and also for newer versions of the Mac OS X operating system. Faronics is also requesting expressions of interest for use on Linux/Unix systems.

Version 6.0 was announced at the National Educational Computing Conference (NECC) in July of 2006 and is slated for broad release around mid-July.

Usage



Faronics designed Deep Freeze with the intent of targeting four main markets:
  • Education - including Schools, Universities, and other educational providers
  • Government
  • Library - including public and private libraries, as well as other short-term public-access networks
  • Healthcare - for Hospitals, Nursing centres and other areas vulnerable to attacks from malicious software.


    • Other well know usage is Public Computers (Cyber or Cybercafé) for restore system at end of one session and reboot for a new user.

    Features



    Faronics Deep Freeze is widely regarded throughout various industries as the leader in "reboot-to-restore" technology. The software is based on the idea that when Deep Freeze is installed, the computer is "Frozen" in that state. Any changes that are made to a Frozen computer are lost with a restart - the hard drive automatically reverts back to the image created when the computer was last "Thawed."

    When a computer is "Thawed," any changes made are retained, unless manually undone. Users can also create a "ThawSpace" which is a partition where data can be saved across restarts, even when the computer is Frozen.

    Essentially, Deep Freeze restores the hard drive of a computer to a set state every time the operating system reboot.

    Other features of Deep Freeze include:
  • One-time passwords (OTPs)
  • Up to 100GB of "ThawSpace" (areas of the hard drive which are not restored with every reboot)
  • "Thawed Drives"
  • Stealth mode
  • Scheduled Restart/Shutdown times
  • Encrypted Password protection
  • System clock or time updates
  • Protected CMOS


    • [97]

    Viruses



    Viruses, Spyware and Adware are all treated the same way as any other system or registry change and are eliminated with a reboot. The security and reliability that this feature of Deep Freeze offers is a major attracion in terms of Virus or malicious software protection.

    Problems


    The windows version of the software only works within Windows, and does not operate when a computer is being run in DOS. In Windows 2000/XP, this would not work, but there is software that allows the hard drive to be accessed in DOS, such as NTFS4DOS.

    There is also a computer programmer in Argentina named Emiliano Scavuzzo who has a grudge against Faronics, so he found a way to bypass the login to the settings for the program.[98] He used this information to make a program that did the work by itself.[99] Scavuzzo's program does not function on versions of Deep Freeze released after January, 2006.

    Also any frozen drive can be permanently edited by booting into an operating system that Deep Freeze isn't installed on. An example of this would be a Linux LiveCD. The drive can be mounted read/write and then any file can be edited. This can also be used to reset passwords by using password cracking software like John the Ripper, RainbowCrack or Ophcrack.

    Unfortunatly, the LiveCD method can not be prevented on most computers, even by disabling CD booting in the bios and password protecting it. This is because a "boot key" (usually F12, but different for each motherboard) can always be pressed. It bypasses any bios setings and lets the user sellect any boot device.

    External links

  • The Deep Freeze website
  • Faronics homepage
  • Deep Freeze Testimonials












    • Got something to say? Make a comment.
    Your name
    Your email address
    Message
    Please enter the solution to case below
    12+8=