G DATA Security Client for Windows
G DATA Security Client provides protection to Windows clients and runs the G DATAManagementServer jobs allocated to it in the background. The clients have their own virus signaturesand scheduler, so that tasks can also be run in offline mode (e.g. for notebooks that do not have acontinuous connection to G DATA ManagementServer).After the inst allat ion of the client software, a system tray icon is available to the user of theclient to carry out tasks independently of administrative schedules. Which options are availableneeds to be approved and defined using the Client set t ings module of G DATA Administrator.Using the right mouse button, click the G DATA Security Client icon to open a context menu whichoffers access to all Security Client functions.
G DATA Security Client for Windows - Virus check
With this option, a user can carry out a targeted virus check on the computer using G DATA SecurityClient, even outside of the virus checking schedule specified in G DATA Administrator.
The user can check removable devices, CDs/DVDs, memory, the Autostart area, and individual files ordirectories. In this way, notebook users who only rarely connect their computers to the company network can prevent a virus attack in a targeted manner. Clients can use the Options window to configure actions that should be taken when a virus is found, such as moving virus-infected files to a local quarantine folder.
The user can also easily check files or directories from Windows Explorer by selecting the files or directories and using the Check for viruses (G DATA AntiVirus) option in the context menu.
While a virus scan is running, whether it has been initiated locally or is part of a scan job, the context menu is expanded with the following entries:
- Virus check priority: Set the priority of the virus check. With High, the virus check is carried out quickly, but it can significantly slow down other programs on the computer. With the Low setting, on the other hand, the virus check takes a comparatively long time, but other applications on the client computer are not slowed down significantly (only available for local scan jobs).
- Pause virus check: Pause a locally started virus check. Scan jobs that were initiated by G DATA ManagementServer can only be stopped if the administrator has enabled the Allow user to halt or cancel the scan job option when setting up the job.
- Cancel virus check: Cancel a locally started virus check. Scan jobs that are have been initiated by G DATA ManagementServer can only be cancelled if the administrator has enabled the Allow user to halt or cancel the scan job option when setting up the job.
- Display scan window: Display the progress and results of the virus check (only available for local scan jobs).
The Virus check system tray menu option can be enabled or disabled in G DATA Administrator under Client settings > General > Client functions.
G DATA Security Client for Windows - Disable monitor
Using the Disable monitor command, the user can switch off G DATA monitor for a specified time (from 5 minutes up to until the next computer restart). Switching off the monitor temporarily may be useful during extensive file copying procedures, as this would considerably speed up the process. However, extra care should be taken as real-time virus checking is switched off during this interval.
The Disable monitor system tray menu option can be enabled or disabled in G DATA Administrator under Client settings > General > Client functions.
G DATA Security Client for Windows - Options
Using the Options window, the user can configure security for the Monitor, Email, Virus check (local), Web filtering and Spam filter components. In this way, all client protection mechanisms ofthe G DATA software can be disabled. This option should therefore only be accessible to technically experienced users. The settings on these tabs are explained in detail in the chapter Client settings.
The various tabs of the Options window can be enabled or disabled in G DATA Administrator under Client settings > General > Client functions.
G DATA Security Client for Windows - Quarantine
Each G DATA Security Client creates a local quarantine folder to which infected files are moved. Triggers for this are set in the monitor. Files in the quarantine cannot execute any damaging routines.
Infected files are automatically packed and encrypted when moved to quarantine. Files which are larger than 1 MB are stored in the local quarantine of the G DATA Security Client in order to avoid unnecessary strain on the network in the event of a massive virus attack. All files smaller than 1 MB are transferred to the quarantine folder of the G DATA Management Server. Infected files which are smaller than 1 MB and which the G DATA Security Client has no connection to the G DATA ManagementServer are stored in the local quarantine folder and are transferred to the quarantine folder there the next time the G DATA ManagementServer is contacted.
These settings cannot be changed. For more information about the quarantine folders, see Default storage locations and paths.
Infected files can be disinfected in the quarantine folder. If this does not work, the files can also be deleted from there and, if necessary, moved back from quarantine to their original location.
Administrator rights for the G DATA ManagementServer are required to trigger the disinfect, move back or delete functions.
When moving back from quarantine a virus is not removed! You should only select this option if the program cannot run without the infected file or is needed for data recovery.
The Quarantine system tray menu option can be enabled or disabled in G DATA Administrator under Client settings > General > Client functions.
G DATA Security Client for Windows - Updates and Patches
PatchManager is available as an optional module.
The Updates/Patches window reveals a patch/update overview for the client pc, divided over two tabs.
The Installed tab shows all patches and updates that have been installed on the system. Double click a patch to view an extended description. If a patch or update seems to be causing problems, users can select it and click Uninstall to request the administrator to remove it. The Status will change to Waiting for response and the administrator will receive a report with a rollback request.
To perform a local check, regardless of software recognition jobs planned on the ManagementServer, click Check for updates. Security Client will then check all patches for applicability on the local system.
The Available tab lists patches, updates and software packages that are applicable to the client system. Double click an item to view an extended description. To request installation, click Install. The Status will change to Waiting for response and the administrator will receive a report with a software distribution request.
The Updates/Patches system tray menu option can be enabled or disabled in G DATA Administrator under PatchManager > Settings.
G DATA Security Client for Windows - Internet update
G DATA Security Client can be used to download virus signature updates from the Internet if no connection to G DATA ManagementServer is available (see Client settings > General > Updates).
The Internet update system tray menu option can be enabled or disabled in G DATA Administrator under Client settings > General > Client functions.
G DATA Security Client for Windows - Disable firewall
Disabled via Firewall deactivates the firewall, even if the client is still in the ManagementServer network. A password is required to deactivate the firewall. The password is defined under the client settings in the G DATA Administrator. The check mark for "Password protection for changing options" must be set there.
If the firewall is switched off, it can be switched on again via the Activate firewall option.
The autopilot is the standard setting for all clients of the G DATA Firewall. This option configures the firewall so that it executes its tasks completely in the background. End users are not confronted with any prompts and administrators only have to perform a minimum number of administrative tasks.
The Disable firewall system tray menu option can be enabled or disabled in G DATA Administrator under Firewall > Overview > Run in internal network by checking Allow user to enable/disable the firewall.
G DATA Security Client for Windows - Firewall
- G DATA Security Client Firewall - Status
- G DATA Security Client Firewall - Networks
- G DATA Security Client Firewall - Rule sets
- G DATA Security Client Firewall - Log
- G DATA Security Client Firewall - Settings
The Firewall module is available as part of the Client Security Business, Endpoint Protection Business and Managed Endpoint Security solutions.
The Firewall option loads the firewall's interface. As long as the client is in the G DATAManagementServer network, the firewall will be administered centrally by the server. When the client connects to another network, for example if a laptop is using a private network at home, the firewall interface can be used to configure an off-site configuration.
The Firewall system tray menu option can be enabled or disabled in G DATA Administrator under Firewall > Overview > Run outside internal network by checking Allow user to change the off-site configuration.
G DATA Security Client Firewall - Status
The Status module of the firewall shows information about the current status of the firewall. By double-clicking any of the entries, you can carry out actions directly or switch to the respectiveprogram area.
- Security: Enable or disable the firewall. This option is only available if it has been enabled inG DATA Administrator (Firewall > Overview > Run in internal network > Allow user to enable/disable the firewall).
- Mode: The firewall can be operated in automatic (autopilot) mode or in manual (rule sets) mode. Changing this option client-side is only possible if the client is being used outside the ManagementServer network and if it has been enabled in G DATA Administrator (Firewall > Overview > Run outside internal network > Allow user to change the off-site configuration).
- Networks: Open the Networks panel, which shows the networks that your computer is connected to as well as the rule sets that are used.
- Prevented attacks: When the firewall registers an attack on your computer, it is prevented and logged here.
- Application radar: Show which programs are currently being blocked by the firewall. If you want to allow one of the blocked applications to use the network, select it and then click the Allow button.
G DATA Security Client Firewall - Networks
The Networks module lists all networks to which your computer is connected, as well as which rule set is protecting the respective network. Select a network and click Edit to view details and to configure the settings for this network. Network settings can only be edited if that has been specifically allowed (Firewall > Overview > Run in internal network > Allow user to enable/disable the firewall) or if the device is being used in off-site mode (Firewall > Overview > Run outside internal network > Allow user to change the off-site configuration).
- Network info: Shows information about the network, including IP address, subnet mask, default gateway, DNS and WINS server.
- Firewall enabled on this network: Enable or disable firewall protection.
- Internet connection sharing: Allow Internet Connection Sharing (ICS).
- Enable automatic configuration (DHCP): Allow DHCP configuration.
- Rule set : Choose any of the defined Rule sets to be applied to this connection. Click Edit rule set to open the Rule Wizard.
G DATA Security Client Firewall - Rule sets
In the Rule sets module you can create and edit rule sets (groups of firewall rules that can be applied to networks).
- New: Create a new rule set. In the following dialog, enter a Rule set name and decide if the rule set should be pre-populated with rules from the default rule sets for untrusted, trusted or blocked networks.
- Delete: Delete the selected rule set. The default rule sets cannot be deleted.
- Edit: Edit the selected rule set using the Rule Wizard.
The Rule sets module contains default rule sets for the following network types:
- Direct Internet connection: This covers rules that involve direct Internet access.
- Untrusted networks: This generally covers open networks with Internet access.
- Trusted networks: Home and company networks are generally trusted.
- Blocked networks: This rule set can be used if access to a specific network should be blocked.
G DATA Security Client Firewall - Rule Wizard
The Rule Wizard allows you to define new rules for the selected rule set or to modify existing rules. The Rule Wizard is especially suitable for users unfamiliar with firewall technology. For a granular control over individual rules, use the Advanced Rule Set Editor.
The Rule wizard offers various rules. All of them can be used to quickly allow or deny a specific type of traffic. For most rules, a specific Direction can be defined, which governs whether the program is tobe blocked for inbound connections, outbound connections or both.
- Share or block applications: Select a specific application on the hard disk to explicitly permit or deny it access to the network governed by the rule set.
- Share or block network services: Blocking one or more ports is a quick way of eliminating vulnerabilities that could be used for attacks by hackers. The wizard provides the option ofblocking ports completely or for a particular application only.
- File/printer sharing: Allow or block file and printer sharing.
- Share or block domain services: Allow or block network domain services.
- Shared use of the Internet connection: Allow or block Internet connection sharing (ICS).
- Share or block VPN services: Allow or block Virtual Private Network (VPN) services.
- Advanced Rule Set Editor (expert mode): Open the Advanced Rule Set Editor.
G DATA Security Client Firewall - Advanced Rule Set Editor
The Advanced Rule Set Editor allows for the creation of highly specific rules. It can be used to create all of the rules that are also available through the Rule Wizard, but also supports custom settings.
The Advanced Rule Set Editor window resembles the Rule sets pane of G DATA Administrator's Firewall module. It can be used to create, edit, delete, and rank rules within the rule set. In addition to the options available in G DATA Administrator, the Advanced Rule Set Editor offers the followingoptions:
- Action if no rule applies: Specify what happens when no existing rule applies to a filtered communication type: Allow, Deny or Ask user.
- Adaptive mode: The adaptive mode supports applications that use feedback channel technology (e.g. FTP and numerous online games). These applications connect to a remote computer and negotiate a feedback channel with it, which the remote computer then uses to reverse connect to the application. If the adaptive mode is enabled, the firewall detects this feedback channel and permits it without querying it separately.
- Reset: Delete all rule set modifications as well as all auto-learned rules.
By double-clicking a rule or clicking the Edit button, individual rules can be edited. The individual rule editor corresponds to the Edit rule window in G DATA Administrator.
G DATA Security Client Firewall - Log
The Log module shows a detailed overview of all incoming and outgoing connections. It can be used to check the connection protocol, initiating application, direction, local port, remote host, remote port and reason for the decision about allowing or blocking the connection.
Click Delete to delete the selected log entry or Delete all to clear the log file completely. The Details button shows additional information about the selected log entry.
Right-click any log entry to access context-sensitive options.
In addition to the Details view, these options include creating a new rule based on the log entry, editing the rule that led to the connection being blocked or allowed, and setting a filter view for the Log module.
G DATA Security Client Firewall - Settings
The Settings window can be used if the appropriate permissions have been enabled in G DATA Administrator (Firewall > Overview > Run in internal network > Allow user to enable/disable the firewall and Firewall > Overview > Run outside internal network > Allow user to change the off-site configuration).
- Security: Enable or disable the firewall.
- Mode: The firewall can be operated in automatic (autopilot) mode or in manual (rule sets) mode.