Deep Freeze vs All Others

Discussion in 'sandboxing & virtualization' started by EASTER, Jan 17, 2008.

Thread Status:
Not open for further replies.
  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    I've taken a real liking to Faronics Anti-Executable and now Deep Freeze seems equally user friendly and maintains complete stability in the face of my pounding it with numerous changes as such. I'm thoroughly impressed with it. It runs great with my HIPS security and other apps with no noticable hit on either performance or memory, but i expect as much from Faronic's group.

    My question is, and i apologize if it's been asked or discussed at some length before, but DEEP FREEZE does for me the Boot-To-Restore infinitely faster then FD-ISR's FREEZE snapshot, even after loading it up.

    I tried Eric's FREEZE snapshot but at boot compared to DF, fd-isr's FREEZE refresh is very noticably slower for me in comparison. So i've opted for DEEP FREEZE as a late comer you might say.

    After i reboot, either THAWED OR if choose to remain in FROZEN mode, it boots right back up again just as if it wasn't installed at all. Power Shadow exhibits similar results for me, but DEEP FREEZE is captured my fascination with even more satisfactory results.

    Only drawback is the same one they all have, it requires a reboot/reset to change operating feature.

    Does anyone know of any potential limitations in DF a user should be aware of?

    For me, DEEP FREEZE is an Ultimate Boot-To-Restore that doesn't hold you up at reboot like FD-ISR FREEZE does. Plus, like Anti-Executable, it's but a small matter to disengage it's LOCKED SYSTEM with a simple reboot to add programs, etc. then return to FROZEN state again at another reboot.

    Am curious to read the pros and cons regarding DF compared to other similar apps of this nature.

    Thanks EASTER
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    My impression from documentation and comments, since I haven't used the application personally, is that operationally it is extremely similar to any of the other Light Virtualization solutions in basic behavior with the following usage comments:
    • Frozen/thawed is really the same as virtualized/native.
    • Deep Freeze implicitly presumes that the system will exist primarily in the frozen/virtualized state. This presumption is not as strong with the other light virtualization solutions
    • The barrier to jumping between states is somewhat higher with Deep Freeze. Dynamic entry into a virtualized state is not allowed. Exit from a virtualized state is the same (restart required).
    • Virtualization is by volume. It is most similar to PowerShadow in this regard in that states are defined at a volume level only (vs. the other solutions which allow folder/file level commit of changes on a nominally frozen volume). The standalone version of Deep Freeze does not support the Thawed Space facility (virtual partition to permanently save content on a frozed machine) available in the enterprise level product. Not a major issue since a physical partition can be used to provide this facility.
    • As far as I know, Deep Freeze is the only product which allows enterprise level centralized administration.
    • Base costs are nearly equal ($45 for Deep Freeze)
    • Deep Freeze has longer in-field usage behind it, so there's been a bit more time to wring out any bugs, but I haven't experienced significant issues with any of the competing products.
    Blue
     
  3. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    I believe the Faronics mapping tool allows you to, in effect, exclude folders on the frozen partition. That means that you can make changes that stay, in those folders: http://www.faronics.com/html/dfmappt.asp

     
  4. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    It's a little different than exclusion - it allows volumes to be mapped to folders. It's more similar (I believe) to the folder relocation facility of PowerShadow 3.0 (but different from that as well). Folder availability needs to be finessed on a standalone machine if you want to map a given user profile (use an alternate admin logon account for example).

    Blue
     
  5. nexstar

    nexstar Registered Member

    Joined:
    Jun 23, 2004
    Posts:
    371
    Location:
    Southampton, UK
    As you've been having some success with Eaz-Fix recently, I was wondering if you had thought of using a scheduled restore to the latest snapshot at restart to achieve a similar effect to DF but with a bit more flexibility?

    The benefit of this approach is that you can lock in any changes you want to keep simply by taking a snapshot. You can then carry on working for as long as you like and your reboot will take you back to that previous snapshot. There's no reboot needed to change mode and if you end up not liking the changes then you just restore the previous snapshot :) .

    If you want current data in a thawed state then the simplest way is to keep that on an unprotected partition or you could recovery it from a later snapshot but that would be a slow option.

    Just a thought :) .

    Graham
     
  6. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    We have Deep Freeze and Anti-Executable set up on a number of computers at work, an excellent combination in that environment and which really Deep Freeze was made for, that said I also use this Deep Freeze (and AE) at home on one machine.
    There is not much I could add to Blue's comments except Deep Freeze can work on Microsoft, SUSE and MAC OSes.
    One thing I did get my administrator to do, as a recommendation by Farconics, was to make the protected drive the only available boot device and using a password for the BIOS.
     
  7. huntnyc

    huntnyc Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    976
    Location:
    Brooklyn, USA
    Easter,

    I loved DF in every respect but I stopped using it only because I kept getting an Acrobat 7 Standard reactivation warning only in frozen mode. Had same trouble with Shadow Defender. Returnil Free is the only program I have had no such problem as this. Reported it to DF developers but no real answer. Did not try uninstalling and reinstalling Acrobat after installing DF - pain do that but might try it someday. It is a fine product.

    Gary
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Thanks sincerely to all of you for such accurate & positive feedback along with any drawbacks and especially the details, also am confidently impressed by those who do use it of their complete satisfaction in it.

    It's so much faster then FD-ISR's FREEZE snapshot but i mean to take nothing away at all from this Magnificient craft and work of art, FD-ISR to me is Legendary and will remain such.

    DEEP FREEZE on the other hand is been bugging me bananas to try it, and now that i have, i'm, completely sold on it and glad i did.
    I can't put my finger on it as technically as say BlueZannetti or others can, but it just seems so efficient in spite of it's limitation as Blue pointed out where "Dynamic entry into a virtualized state is not allowed".

    Oddly enough, thats not of personal concern for me, nor availability of some folder reserved to keep data retained THAWED while the system is in FREEZE state. I always use dual drives. And if i don't. thats where those others come into play.

    My interest is to set up a single workstation with everything in place and keep it FROZEN with DEEP FREEZE, and it's but a small matter however inconvenient to most, to simply reboot to THAWED and add or make changes in that manner.

    Anti-Executable and/or EQSecure 3.41 i feel should be plenty enough to safely isolate any potential file-infector virus from distorting the DF executables, and of course the rest of the system.

    I'm grateful for the comparisons though, the Light Virtulaization apps mentioned by Blue offer alternatives to preferences expected by users according to their own needs/uses and they all have their own respective strengths with few weaknesses thanks to more effort & attention being given them these days by their developers.
     
  9. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Baseline Shield has a centralized remote administration console.

    http://www.eazsolution.com/en/baselineshield.php

    Whether it's "enterprise level", I cannot say.
     
  10. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    deep freeze is good enough for public kiosks/workstations in a library or school.

    i wouldn't trust it in a corp environment though, it's far too easy to disable with a little patience and know-how.

    it deters the "joe avarege" user though.
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Somebody refresh my memory. I know I can select a c only d only or both to protect on install, but once installed can I change that selection before freezing.


    Pete
     
  12. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,

    Pete, I deeply doubt it. The target volume, c or d or both, once is selected at installation stage, can not(correct me if necessary) be altered. At least that what my impression is.
     
  13. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    HI ALL

    welp let me tell you 1 thing... after checking all this kinda sotware around DF ownz ! no argue on that... it most stable trusted and all the good thing u can say on it.

    *the only "bad" thing i can say on it , it doesnt have the abillty ( like SD or shadowuser) to keep folder or files in the frozen partition unfroozen . why "bad" coz it give u frooene state and no play around (and maybe posible for leek malware) with the froozen drive/partition

    for your mem refresh the answare is u have to reinstall it an choose other drive to freez. u cant do that after install it....need reinstall and rechoose what drive to freerze.

    and for u ethernal ... dont talk with out checking the facts plzz.... ppl may get it like DF is for child play.
    DF have been choosen in my country to protect thr biggest UNI and some important GOV places...include prisions computers....so not realy easy to hack in mate.
    AE btw (accorsding to faronic home page) use by LA poilce in there computers...there chief is state on that.

    so DF+AE is the best way to protect your pc and save some importnat cpu usage ( yes u can make a IMG after install all your software after fresh install..just in case).

    cheers:thumb:
     
    Last edited: Jan 19, 2008
  14. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    demoneye,

    It's not the best way to protect your PC. It's one of many excellent approaches to follow.

    In the specific cases that you cite (universities - presumably student access machines, government offices, prisons, Los Angeles Police Dept., etc.) I'd say that it is likely the preferred type of solution. DF+AE are an install and go solution, very robust, but more importantly, completely geared to the type of machine state preservation desired for those settings. In general, the configuration in those locations are predetermined, constant across a large PC population, changed very infrequently, need to resist any alteration, require rapid return to a predefined state, and accomplish this with very little care and feeding. DF+AE fits that bill precisely.

    In other settings, other solutions will be preferred.

    Blue
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    HuH? :blink:

    Anyway i agree on many points including stability but AFAIK it's still preferable i think to also pair it up with it's sister Anti-Executable, to avoid file-infector viruses, because those critters are notorious for jumbling up PE files, and if one gets in even DF, it's a sure bet the reboot wouldn't be a pretty site. I'm speculating of course because i don't dare try it on my investment, but i'll lay odds if a file infector got thru to any system, including one armed with DF, it would carry out it's mission on it too.
     
  16. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    demoneye: i have the facts. i've broken it repetedly.

    on the other side, i am not joe average pc user. it still concerns me though, since i can't recomend a security product to my clients, when i know how to bypass it. i don't beleive in it.

    as previously mentioned, it's good for public access locations, like libraries et cetera, but not in a corporate environment.
     
  17. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    ethernal anything can be bypass this way or another. some even break into very restricted places...so we dont gona use any software coz there is a way to by pass it?

    DF market is industrial no other product from its kind can be even close to that. read in faronic web site and also its partner.

    in my country after heavly checked all kind of virtual software DF have been choosen.
    ofcourse u can use hardware no virtual your pc . more expensive when u talk on numerous pc`s need protecion.

    to bypass this hardware virtual abilty takes more than software base protection ... and so one and on :D

    cheersss:)
     
  18. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    If you have physical access to a machine, no security software can help.

    DF isn't meant to be absolutely hacker proof. It's meant to restore your computer to a working state should you inadvertently screw it up.
     
  19. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Nothing new,many app. are just made for that very reason,whats now that special about DF as compared with the other solutions [ virtual , imaging ] ?
     
  20. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    the special thing about deep freeze is that it utilizes a hidden volume on your hard drive, thus it can "auto-reimage" when rebooting. other imaging software would require a techie to go out to the machine and re-image it him/herself.
     
  21. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,

    Your assumption is true ONLY if :

    (1) the hacker(who has a physical access to your computer) knows the
    password, and

    (2) can locate DF's installation folder, which is needed to install/uninstall DF
    (I would hide it somewhere on HD or save it to a CD) .


    That Unfreezer's trick does not work anymore on newer versions. Because floppy disk method does not work anymore.

    Take care.
     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    That makes it different then imaging software, but not any different then similar products, like Returnil, and Shadowdefender.
     
  23. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,

    I know for the fact that

    When DF is installed, it immediately create a system file named $persi0, and that file is modified each time when you use DF.

    Is this what you refer to ?

    Take care.
     
  24. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I'll let ya know after i'm done testing. Currently i'm trying out baseline shield, clean slate and a couple of other similar pieces of software.
     
Loading...
Thread Status:
Not open for further replies.