Hello,
and congratulations on this fantastic tool!
Is it possible to:
Update a portable application that is on a USB drive (e.g., the Firefox browser...) which, by definition, is not in the WAPT repository?
Or, if not,
is the agent able to add this portable application to the inventory list?
And if so, can we ask the agent to uninstall the application from the USB drive... or block it?
Thank you.
Steph
USB portable application software inventory
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
dcardon
- WAPT Expert
- Messages: 1932
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Hi Step33f,
in my humble opinion, the best solution for portable applications on USB drives is to block them completely. The easiest way to implement this is with APPLocker/SRP (integrated by default in Windows). This way, portable Firefox (and other executables) no longer work on USB drives, and you can also block executables in user profiles (very effective against ransomware).
However, this requires having fairly comprehensive software libraries so that users don't feel too restricted, and WAPT self-service does this job very well.
Regarding the inventory, it's possible to extend it to return other information, or simply create a WAPT audit package that reports all executables found in non-standard locations (very practical). And while you're at it, you could also add a package to check the local administrators group (you can look at the following package for inspiration: https://store.wapt.fr/store/tis-audit-local-admins).
In any case, if you want to improve the security of your park, you've found the perfect tool.
Sincerely,
Denis
in my humble opinion, the best solution for portable applications on USB drives is to block them completely. The easiest way to implement this is with APPLocker/SRP (integrated by default in Windows). This way, portable Firefox (and other executables) no longer work on USB drives, and you can also block executables in user profiles (very effective against ransomware).
However, this requires having fairly comprehensive software libraries so that users don't feel too restricted, and WAPT self-service does this job very well.
Regarding the inventory, it's possible to extend it to return other information, or simply create a WAPT audit package that reports all executables found in non-standard locations (very practical). And while you're at it, you could also add a package to check the local administrators group (you can look at the following package for inspiration: https://store.wapt.fr/store/tis-audit-local-admins).
In any case, if you want to improve the security of your park, you've found the perfect tool.
Sincerely,
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
