I am considering using Returnil as a replacement for Deepfreeze and have 2 main queries. 1. Does Returnil protect against all known methods of writing the mbr (especially such ways as a kernelmode drive installed while protection is on which performs raw disk writes to infect the mbr)? Currently DeepFreeze does not appear (as I have experienced and as they have told me) to protect the mbr from being modified directly. Knowing the type of protection offered by Returnil would help greatly. 2. Are there any management consoles available to manage workstations which have returnil installed on them such as Faronics Deepfreeze console? This would mostlikely be a requirement for deployment in any environment should you want to make updates/changes to the OS and software environments, and a central console from which to disable protection to make these udpates is expected however I see no information about such a feature on the website? I welcome answers to these questions but also comments about how else returnil would be better than deepfreeze - note i am not interested in features such as scheduled updates/controlling windows updates etc... simply a restore on reboot solution with centralized thaw/freeze (protection on/off) management capabilities.