Tech: DesktopStandard PolicyMaker

I'm just coming from a demonstration of DesktopStandard's PolicyMaker Standard and PolicyMaker Application Security.

We first became interested in the utilities after using the free version of GPOVault made by the same company.

PolicyMaker Standard is a very handy utility for an Active Directory administrator, or anyone who writes Group Policy Objects. It has many features that can be very useful. Several of note that I really liked:

• Essentially eliminate login scripts
  
• Do functions such as map network drives, TCP/IP printers, and push out folders or files to end users or machines
• Filter all functions based on many different variables, such as Security Groups, OUs, time (apply certain settings at certain times), and even how much RAM a machine has.

The only hurdle in using it seems to be the need to install a dll file on all client machines. So if you manage hundreds of machines in AD, making sure all the computers have the dll file installed is critical.

PM Application Security is equally impressive. The biggest challenge that a network/systems admin faces internally with end users is permissions: giving the users just enough permissions so that they can do everything they need to, but nothing that can compromise the machine or your network. PM Application Security lets you select certain applications or tasks that limited users can run with administrative access. The amazing thing here being that when the application starts, any additional processes that it spawns are also run with the same admin abilities so the application won't break.

All in all, I was impressed with both of the products. I have a feeling the price will give us sticker shock.