I am looking for a way to disable Firefox Portable on some PC's without disabling the usb ports or changing admin rights. I have users that logon to PC's locally and run most apps as an administrator, unfortunately their daily routine also requires them to occasionally use a usb flash drive so disabling the usb ports are not an option. I have a few people that take that opportunity to use FF Portable from flash drives to surf the net. We use IE 7.0 with content advisor to limit the websites that they can view but with FF Portable they can go anywhere they like...
Any ideas or suggestions are appreciated.
Thanks,
Nat
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
One solution would be to implement a system-wide, or network-wide net security scheme, rather than depending on a security tool tied to a specific application. The schools i've attended had group-wide storage, so full internet surfing capabilities were available outside of the class/labs, but in class/lab the network was locked down so only certain sites could be accessed.
The developer formerly known as ZGitRDun8705
You Should also try the direct approach
Since you seem to know who these people are you should inform them that for policy reasons you do not want them trying to circumvent your decisions.
Tell them that you can not allow them to use unauthorized software, in this case FF and FFP, and inform them of the consequences of trying to circumvent this policy.
This way, if you do find away to "stop" them and they find a way around it (people come here and ask how to get around IT department blocks all the time
) they know what will happen.
Tim
Things have got to get better, they can't get worse, or can they?
sometimes the situation is complicated and you can´t disable all internet access for everyone, so there are different possibilities
- allow firefoxportable (it´s a secure browser!)
-disallow direct connection to internet, allow only proxy access with appropriate "nursery filters for explicit content"
-install a filter prog like "cobion orange box", there´s a bunch of similar apps available
-disallow admin rights for everyone searching the web, domain user account or below is enough for almost everyone - you have to set up individual rights for those who need admin access
"Lorem ipsum dolor sit amet, consectetur adipisici elit, sed eiusmod tempor incidunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis .." Friday Next -
"May The Schwartz be with You!" Yogurt the Yoda
The fact that a number of your users are local admins will allow them to negate any barriers you put up, but if they are all running XP or Vista you could always make use of a network wide SRP group policy, and effectively ban executables that you dont know of from being ran.
Of course if they are admins and are meant to install whatever software they need on-demand you'll end up causing more trouble with this. If they were just domain users it would be (as in my case) simple to ban binaries everywhere then enable them for the local disk drive and server shares.