Deep Freeze (software)

Faronics Deep Freeze
Developer(s) Faronics
Stable release Windows editions: 7.22.020.3453[1]
Mac edition: 4.61.2200.0398[1]
Operating system
Type System software
License Trialware
Website www.faronics.com/Products/DeepFreeze.aspx

Deep Freeze, by Faronics, is an application available for the Microsoft Windows, Mac OS X, and SUSE Linux operating systems which allows system administrators to protect the core operating system and configuration files on a workstation or server by restoring a computer back to its original configuration each time the computer restarts.[2]

Contents

Operation

Deep Freeze is a kernel-level driver that protects hard drive integrity by redirecting information being written to the hard drive or partition, leaving the original data intact. This redirected information is no longer referenced once the computer is restarted, thus restoring the system to its original state at the disk sector level. This allows users to make 'virtual' changes to the system, giving them the appearance that they can modify core files or even delete them, and even make the system unusable to themselves, but upon reboot the originally configured 'frozen' state of the operating system is restored.

To make changes, a system administrator must 'thaw' the protected partition by disabling Deep Freeze, make any needed changes, and then 'freeze' it again by re-enabling Deep Freeze. These changes become part of the protected partition and will be maintained after restarts. 'Freezing' and 'thawing' can be done at the workstation level or remotely via either the Faronics Core management platform or the Deep Freeze Enterprise Console. Users of the Enterprise version can also create virtual partitions called ThawSpaces (of up to 1 TB on an NTFS-formatted drive) to retain data on "frozen" hard drives after restarts.

Deep Freeze can also protect a computer from harmful malware, since it automatically deletes (or rather, no longer "sees") downloaded files when the computer is restarted. The advantage of using an application such as Deep Freeze antivirus / antimalware is that it uses almost no system resources, and does not slow your computer significantly. The disadvantage is that it does not provide real-time protection, therefore an infected computer would have to be restarted in order to remove malware. [3]

Limitations and security

Deep Freeze only protects workstations in a "fresh-booted" state. That is, Deep Freeze prevents permanent tampering with protected hard drives/partitions across reboots, but user activity between restarts is not limited by the program. For example, Deep Freeze does not prevent application installation; a user can install a modified version of a Web browser (but seemingly harmless to the unknowing user) designed to secretly send users' passwords to a server connected to the Internet. As a workaround, Deep Freeze can be configured to restart after user logout, shutdown after a chosen period of inactivity, or restart/shutdown at a scheduled time in an attempt to ensure that no such installations are retained (as rebooting the system returns the system to its original, unmodified state).

Deep Freeze cannot protect the operating system and hard drive upon which it is installed if the computer is booted from another medium (such as an external hard drive, a USB device, optical media, or network server). In such cases, a user would have real access to the contents of the (supposedly) frozen system.[3] On a Windows-based computer, this scenario may be prevented by configuring the CMOS (nonvolatile BIOS memory) on the workstation to boot only to the hard drive to be protected, then password protecting the CMOS. This is a normal precaution for most public access computers. A further precaution would be to lock the PC case shut with a physical lock or tiedown cable system to prevent access to motherboard jumpers.

Deep Freeze can only protect hard drive partitions of up to a 2 TB capacity (using NTFS).

Competitors

There are sandboxing and virtualization products which have similar features to what Deep Freeze offers but do not employ the same redirection process. These include:

References

Further readings

External links