1. No category

Endpoint - Invincea

Endpoint
End User
Guide
Endpoint v5
Created and Maintained by Invincea, Inc.
Proprietary – For Customer Use Only
Invincea Endpoint – User Guide – v5
Contents
Purpose and Intended Audience ................................................................................................................... 4
What is Invincea Endpoint? .......................................................................................................................... 4
The Invincea WebRedirector ........................................................................................................................ 4
WebRedirector Notifications............................................................................................................................................................. 4
Firefox 40 Support – Webredirector Installation .............................................................................................................................. 6
Invincea Endpoint Icons ............................................................................................................................... 7
Invincea Endpoint Desktop Icon ..............................................................................................................................7
Invincea System Tray Icon ......................................................................................................................................7
Invincea Start Menu Icons ......................................................................................................................................7
Common Applications Tasks ........................................................................................................................ 8
Starting Invincea Endpoint or Launching New Browser Window ..............................................................................8
Additional Ways to Launch a New Browser Window ............................................................................................. 10
Invincea First Run ................................................................................................................................................. 11
Selecting Your Preferred Browser ......................................................................................................................... 13
Native Browser Downloads .................................................................................................................................. 14
File Download Additional Dialogs ................................................................................................................................................... 15
File Upload Dialogs .......................................................................................................................................................................... 17
Protected Application Drop Down Menu – Unprotect Current Page ....................................................................... 18
Using the Unprotect Current Page Feature ..................................................................................................................................... 19
Safely Opening Documents with Invincea Endpoint Document Protection ............................................................. 21
An Additional Note about Document Protection ............................................................................................................................ 22
Enabling / Disabling Document Protection ..................................................................................................................................... 23
BETA FEATURE – Using the Unprotect Current Document Feature ................................................................................................ 24
Invincea Suspicious Activity Detection .................................................................................................................. 25
Software and Configuration Updates .................................................................................................................... 26
Auto Restore ........................................................................................................................................................ 27
Sending Support Logs to Invincea for Review ........................................................................................................ 28
NEW FEATURE – Uninstall Password ..................................................................................................................... 29
NEW FEATURE – Installation Passthrough ............................................................................................................. 30
Invincea System Tray Options .................................................................................................................... 31
Open Internet Explorer ......................................................................................................................................... 31
Open Firefox ........................................................................................................................................................ 31
Open Google Chrome ........................................................................................................................................... 31
Proprietary – For Customer Use Only
2015
Release Date: August 14,
2
Invincea Endpoint – User Guide – v5
Restore ................................................................................................................................................................ 31
Suspect Activity Details… ...................................................................................................................................... 32
Preferences… ....................................................................................................................................................... 32
About… ................................................................................................................................................................ 33
Exit ...................................................................................................................................................................... 33
Preference Menu Options .......................................................................................................................... 34
General Tab ......................................................................................................................................................... 35
Basics ............................................................................................................................................................................................... 35
Always protect my default web browser .................................................................................................................................... 35
Load in the background when Windows starts .......................................................................................................................... 35
Border ............................................................................................................................................................................................. 35
Color Selector Dialog .................................................................................................................................................................. 36
Apps Tab .............................................................................................................................................................. 37
Auto-Restore Tab ................................................................................................................................................. 38
Automatic Restore .......................................................................................................................................................................... 38
Remind me to restore my browser option ................................................................................................................................. 38
Daily Option ............................................................................................................................................................................ 38
Weekly Option ........................................................................................................................................................................ 38
After Elapsed Option .............................................................................................................................................................. 38
Next auto-restore Display ........................................................................................................................................................... 39
Security Tab ......................................................................................................................................................... 40
Activity Blocking .............................................................................................................................................................................. 40
Terminate suspect processes immediately as they are detected ............................................................................................... 40
Remove suspect documents on detection ................................................................................................................................. 40
Remove downloads from an suspect session ............................................................................................................................. 40
Clear all browsing data from a suspect session .......................................................................................................................... 40
Only open documents originating from the internet ................................................................................................................. 41
Downloads....................................................................................................................................................................................... 41
Block unsafe file extensions from downloading ......................................................................................................................... 41
Block executable downloads that are not digitally signed ......................................................................................................... 41
Update Tab .......................................................................................................................................................... 42
Software Update ............................................................................................................................................................................. 42
Configuration Status........................................................................................................................................................................ 42
Trusted Sites Tab .................................................................................................................................................. 44
Proprietary – For Customer Use Only
2015
Release Date: August 14,
3
Invincea Endpoint – User Guide – v5
Purpose and Intended Audience
This document is intended to provide information and instruction for tasks that are considered day-to-day for users of
the Invincea Endpoint product.
What is Invincea Endpoint?
Invincea Endpoint provides a secure container for users to run the most common web browsers and document
applications and an activity monitoring sensor that tracks and reports process activity. By running applications in a
secure container, users are protected from malicious attacks that may come via a website or infected document.
Invincea Endpoint helps by securing web browsing, using the Invincea WebRedirector to ensure that only sites that have
been trusted can be opened outside of the secure container. This experience is automated and mostly transparent to
the user to ensure a consistent browsing experience. The host data collected by the sensor feature is reported back to
the Invincea Management server for scoring and analysis so that administrators can be alerted to any malicious
processes running on a user’s PC.
The Invincea WebRedirector
The Invincea WebRedirector controls which websites are viewed in a user’s unprotected web browser versus a
protected browser running in the Invincea secure container. When a user attempts to access a website in the
unprotected browser that is not considered “trusted” the WebRedirector will re-open the requested page in an Invincea
protected browser to ensure a safe browsing experience.
In addition to ensuring users are opening untrusted content in a protected browser, the WebRedirector also ensures
that trusted websites can be opened in an unprotected browser by the same process. If a user is browsing in a
protected browser and visits a trusted site, the requested site is then reopened in an unprotected browser. This is
generally done for internal company websites or for sites that have compatibility issues while running in the secure
container.
WebRedirector Notifications
The WebRedirector has several different notification dialog boxes that help to educate the user about when they are
moving between trusted and untrusted pages. However, to make the experience more transparent, administrators may
have disabled these notifications.
The first notification is presented to the user when a trusted site is accessed in a protected browser. This dialog gives
the user the ability to select if they want to remain within the protected browser or to continue with the unprotect
operation.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
4
Invincea Endpoint – User Guide – v5
Pressing the “Unprotected” button will open the page that is being requested in the unprotected browser. This may be
necessary for sites that need additional plugins or operating system integration. Pressing the “Protected” button will
continue opening the page in the protected browser.
By selecting the checkbox for “Remember my decision for this site”, Invincea Endpoint will remember the user’s decision
for this site. If the checkbox is selected the dialog box will only be presented once for the selected domain or site name.
If this option is not selected the selection dialog will be displayed after every restore or restart of the Invincea Endpoint
container.
In addition, users may also see an Invincea Alert notification appear above the system tray icon during a redirection.
This notification will serve to let the user know that they have visited a trusted site and are being directed from the
protected browser to an unprotected browser. The user can check the box labeled “Don’t show me again” to disable
this notification in the future, for all protected to unprotected redirection operations.
A similar dialog box also exists for the reverse action of moving a site from the unprotected browser to the protected
browser within the secure container. This dialog can also be suppressed with the “Don’t show me again” checkbox.
Note: The above dialogs display default messages. These may be customized by an administrator and show different
text.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
5
Invincea Endpoint – User Guide – v5
Firefox 40 Support – Webredirector Installation
With the release of Firefox 40, Invincea updated the Webredirector to address changes made in Firefox. Endpoint 5.0.2
and later support Firefox 40.
Once the user’s machine is using both Firefox 40 or later and Endpoint 5.0.2 or later, the first run of Firefox with Invincea
will launch unprotected Firefox to install the Firefox redirector. The below dialog box will be displayed to the user to
indicate unprotected Firefox launched before the protected Firefox.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
6
Invincea Endpoint – User Guide – v5
Invincea Endpoint Icons
After the Installation of Invincea Endpoint, one new icon will be located on the desktop, one new icon will be located in
the system tray and a new folder will be created within the Start Menu. The following section helps to identify each of
these new icons and what their functions are.
Invincea Endpoint Desktop Icon
The Invincea Endpoint icon found on the desktop is a point of execution for the Invincea application.
Double clicking on this icon will start the Invincea application if it is not currently running or will launch a
new browser window if it is running. This icon can
also be copied or pinned on to the quick launch tool bar to allow for easier access.
Invincea System Tray Icon
The Invincea system tray icon can be found in the system tray (next to the clock) when the Invincea
secure container is running. Product actions, such as opening a new browser window,
restoring Invincea to a clean state or modifying user preferences are available from this tray icon.
More details on what options are available and how to use them can be found later in this
document.
Invincea Start Menu Icons
Invincea Endpoint can also be launched (either starting the program,
or opening a new browser window) by going to the start menu, choosing All
Programs, choosing Invincea, and then choosing Endpoint. Within this folder is
an Invincea Endpoint shortcut that can be used to run the application.
Additionally, this folder contains a support tool that can be used to send support
logs to the Invincea Customer Care team in case of an issue with the product.
NOTE: The desktop icon, system tray icon and start menu items may not be available if they have been disabled by
the administrator. If they are not available, contact your administrator for additional information.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
7
Invincea Endpoint – User Guide – v5
Common Applications Tasks
The following section offers step by step instructions for common application tasks.
Starting Invincea Endpoint or Launching New Browser Window
To start the Invincea Endpoint product or to launch a new protected browser window within the secure container,
double-click on the Invincea Endpoint icon on the desktop.
If the product is not running, clicking on the desktop icon will display a “Preparing protected environment” notification
as the secure container is created. Once that process has finished, a protected browser window will be displayed.
To indicate that the Invincea Endpoint product is running, a system tray icon showing the Invincea logo is displayed in
the system tray.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
8
Invincea Endpoint – User Guide – v5
Applications running in the Invincea secure container contain a customizable border color that outlines application
windows opened within the secure container. This is to help the user distinguish between the unprotected applications
and those running in the secure container.
The following screenshot displays a protected Internet Explorer window with a green border.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
9
Invincea Endpoint – User Guide – v5
Additional Ways to Launch a New Browser Window
Once Invincea Endpoint is running the user can open a new protected browser window by doing one of three simple
tasks.
The first is to double-click on the Invincea Endpoint icon on the desktop.
The second is to right click on the Invincea system tray icon, and select “Open
Internet Explorer,” “Open Firefox” or “Open Google Chrome” from the menu. Note
that the preferred browser (the one opened by double clicking the Invincea Endpoint
desktop icon) is listed first and is bold. In the screen shot below, Internet Explorer is
the preferred browser. Also, only available browsers will be listed.
Finally, the user can go to the Start Menu, choose All Programs, open the Invincea folder, then the Endpoint folder, and
finally choose “Invincea Endpoint”.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
10
Invincea Endpoint – User Guide – v5
Invincea First Run
When Invincea Endpoint is run for the first time, the user will be asked to select a few product configuration options (or
leave the defaults) and then will be guided through a brief tour of the product. This tour provides the user with a simple
overview of the product functionality. Once the tour completes, the product will finish loading.
The tour can also be accessed by right clicking on the Invincea Endpoint system tray icon, choosing “About” then
pressing the “Tour” button. This second option provides the user a way to view the tour if an administrator has disabled
it from being displayed on the first run of the product.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
11
Invincea Endpoint – User Guide – v5
The configuration screen allows users to select whether or not they want their default browser protected, if they want
document protection enabled, which file type they want protected and also whether or not they want to show a border
around protected windows (along with the border color). Users can then select “Begin Tour” to progress through the
first run tour, “Previous” to return to the prior screen, or “Skip Tour” to exit the tour and start the Invincea Endpoint
product.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
12
Invincea Endpoint – User Guide – v5
Selecting Your Preferred Browser
Within the Invincea Endpoint secure container there is the concept of a preferred browser, since the application has the
ability to protect multiple browsers. The preferred browser is the browser within the secured container that will be
used by default. This browser will be opened for hyperlinks or any other host request for the default browser (when
Invincea Endpoint is set as the host default browser). Additionally, whenever the Invincea Endpoint icon is double
clicked, the preferred browser will open.
If multiple browsers are available for a user, the user can select which is preferred through the Apps tab on the
Preferences menu.
The user is able to select any browser from the “Protected Apps” list and check the “Use this browser to open web
pages” checkbox to set the selected browser as preferred. Only a single browser can have this option selected and one
browser must always be selected. If only one browser is available, no changes can be made.
Note, this ability may have been disabled by an administrator.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
13
Invincea Endpoint – User Guide – v5
Native Browser Downloads
Invincea Endpoint leverages the same download dialogs that would be presented via a web browser without the
Endpoint protection. Users should expect to see and use these dialogs as they normally would, without Endpoint in the
environment.
In certain cases, administrators may enable confirmation dialog boxes to ensure that file save or open actions that will
leave the Invincea secure container alert the user. For example, if a user has confirmation dialogs enabled for open
actions and a user were to open a PDF file, no dialog box would be displayed as the file would open in a secured
application within the Invincea container.
When the browser dialog displays and the user chooses to “Save” or “Open” a file, the Invincea confirmation dialog box
will display before the final stage of moving the download file out of the secure container. If the Cancel button is
pressed on the Invincea confirmation dialog, the download will be deleted from the secure container rather than being
copied to the host.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
14
Invincea Endpoint – User Guide – v5
File Download Additional Dialogs
Invincea Endpoint also has advanced download features that help to protect the user. These advanced options prevent
certain files from being downloaded by a protected browser in the secure container. One of these advanced features is
the ability to block downloads for certain types of files. If a file download is blocked by type, the following message will
be displayed when a request to download the file type occurs. This option can be enabled by the administrator for a
variety of file types or can be enabled/disabled through the user preferences UI. If enabled through the preferences UI
by the user, the default extension types will be blocked. These extensions include:
bas, bat, chm, cmd, com, cpl, crt, dll, exe, hlp, hta, inf, ins, isp, msc, msi, msp,
mst, pif, reg, scr, sct, shb, shs, sys, vb, vbe, vbs, wsc, wsf, wsh
When this feature is active, the following dialog will display to alert the user of the extra level of protection that is in
place.
As a new feature, Endpoint™ includes ZIP files as an unsafe file extension, and will be blocked from being downloaded.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
15
Invincea Endpoint – User Guide – v5
A second advanced feature is to validate that executable files have a valid digital signature before allowing the file to be
downloaded by a protected browser. If this feature is enabled, and a requested executable file does not have a valid
digital signature, the following dialog will indicate to the user that the file cannot be downloaded.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
16
Invincea Endpoint – User Guide – v5
File Upload Dialogs
In some cases, when a user attempts to upload a file to a website, Invincea will display an additional dialog box
indicating that the file is being “secured.”
This dialog box is an indicator that the file is being transferred into the secure container so that it can be uploaded to the
website as requested. This dialog is used to inform the user that the website action will not be completed until the
securing process finishes, and the website may appear unresponsive or “hung” until the file is fully secured. Once the
securing process is completed, the Invincea dialog box will close and the website will continue its action.
Additionally, users may see the “securing” dialog when opening a large protected document, as the document may take
a moment to transfer into the container and open in a protected application.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
17
Invincea Endpoint – User Guide – v5
Protected Application Drop Down Menu – Unprotect Current Page
Invincea Endpoint adds a drop down menu on the top edge of all protected applications. The drop down menu is an
indicator that an application is protected by Invincea Endpoint and also allows for quick access to features of the
product, such as the preferences menu.
The drop down menu can be found in the middle of the top edge of the any protected application window. It is a small
gray button that displays the menu when clicked.
Besides informing the user that the application they are using is protected by Invincea, the menu also provides the user
with quick access to two different software options. The first option is the “Preferences” option, which is always
displayed at the bottom of the menu. By selecting Preferences, the user preferences UI will be displayed, as it would be
if the user selected the Preferences option from the system tray menu. This option is designed to allow the user a
second control point to access the preferences menu.
The second option, “Unprotect Current Page,” is used to reopen the current page being displayed in protected browser
in an unprotected browser (outside of the container). This is useful if the page being viewed in the protected browser is
not rendering correctly or if there is some sort of compatibility issue. This option is currently only available for browsers
protected by Invincea and may be disabled by an administrator, which removes the option from the menu.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
18
Invincea Endpoint – User Guide – v5
Using the Unprotect Current Page Feature
When using the “Unprotect Current Page” feature, the user will be prompted with the below dialog before the site is
moved to the unprotected browser to ensure they are aware of the potential danger of browsing outside of the
protected browser. The user can choose to continue by pressing the “Unprotect” button or they can cancel the action
by pressing the “Cancel” button. Users have the ability to select subdomains when unprotecting a page. This allows
users the ability to trust a very specific subdomain, or the entire domain, depending on the necessity.
The dialog box also contains a check box with the option “Always trust this website.” When checked, this option stores
the domain of the site that is being unprotected, so that any future visits to this domain in the protected browser will be
automatically redirected to the unprotected browser. This is convenient for business related sites that are used
frequently and do not work correctly in the protected browser. Once these sites are permanently stored, they can be
managed in the Preferences menu if they need to be removed. If the site is not permanently stored, it will be removed
from the temporary trusted sites list at the next restore.
The “Trusted Sites” tab within the Preferences menu allows for the user to view the sites that have been permanently
listed as trusted sites and to also remove a site if it no longer needs to be trusted. This can be done by selecting the site
in the list and pressing the “Remove” button. If the user wishes to remove all sites, they can press the “Remove All”
button.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
19
Invincea Endpoint – User Guide – v5
Additionally, administrators have the option to require a justification of the unprotect action. When an administrator
has enabled this feature, the dialog box for the unprotecting a site will contain a text box to enter the business
justification.
This business justification and the unprotected website will be reported to the administrator when the “Unprotect”
button is pressed.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
20
Invincea Endpoint – User Guide – v5
Safely Opening Documents with Invincea Endpoint Document Protection
In addition to preventing malware from infecting a computer via a web browser attack, Invincea Endpoint also offers the
ability to securely open documents inside of the Invincea secure container. This helps to prevent malicious documents
from affecting the computer as well.
Currently, Invincea Endpoint offers a secure way to open documents for several different file types. Invincea Endpoint
secures:




Adobe Reader and Adobe Acrobat: allowing secure viewing of PDF files
Microsoft Word: allowing secure viewing of DOC, DOCX and may other MS Word files
Microsoft Excel: allowing secure viewing of XLS, XLSX and may other MS Excel files
Microsoft PowerPoint: allowing secure viewing of PPT, PPTX and may other MS PowerPoint files
The protected document applications can be identified as the protected browsers are by the customized border color
that surrounds the application. The following windows provide examples of the protected applications with the border
displayed.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
21
Invincea Endpoint – User Guide – v5
An Additional Note about Document Protection
When editing documents inside of a protected application, the document application is subject to the “Restore” process,
just as the protected browsers are. When a “Restore” of the secure container needs to be executed, all protected
applications need to be closed out. To help ensure users do not lose any unsaved changes, the protected applications
will prompt the user to save the document. If the “Restore” is delayed because of an unsaved file, an additional dialog
will display over the system tray indicating that the Invincea Endpoint “Restore” cannot continue until the unsaved
document is saved or closed.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
22
Invincea Endpoint – User Guide – v5
Enabling / Disabling Document Protection
The Invincea Endpoint product gives users a simple way to enable or disable document protection for protected
applications. By disabling document protection for an application, the associated file types for that application will no
longer open inside the Invincea secure container.
To control which applications have document protection enabled, navigate to the Preference menu from the drop menu
or system tray menu. Choose the Apps tab.
On the Apps tab, all applications that can be protected by Invincea are listed in the Protected Apps list. By clicking on an
application name in this list, details about that application and available options are listed. To enable or disabled
document protection for a specific application, simply check or uncheck the “Enable document protection” checkbox.
This can be done for one or all available applications. The protection will be enabled or disabled for all file types listed
under “Protected file types” for the selected application.
Note: The ability to enable or disable document protection may have been disabled by an administrator. In this case,
the option would appear grayed out.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
23
Invincea Endpoint – User Guide – v5
BETA FEATURE – Using the Unprotect Current Document Feature
Invincea Endpoint has a new feature that allows users to Unprotect Microsoft Office documents if they have opened in a
protected state. Users may wish to use this feature if the document they are working on has features or functionality
that are disabled while the document is opened in a protected state.
NOTE: This feature may be disabled by an administrator.
A user may access this option by opening the Invincea Endpoint drop-down menu and selecting the “Unprotect Current
Document” option.
During the unprotect action, if the user has unsaved changes, they will be prompted to save the document before the
document is unprotected. This ensures that no changes are lost when the document is opened in unprotected mode.
When using the “Unprotect Current Document” feature, the user will be prompted with the dialog below before the
document is moved to the unprotected browser to ensure they are aware of the potential danger opening documents,
especially those downloaded from the internet or from emails. The user can choose to continue by pressing the
“Unprotect” button or they can cancel the action by pressing the “Cancel” button.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
24
Invincea Endpoint – User Guide – v5
Invincea Suspicious Activity Detection
Invincea Endpoint has a built in detection engine that detects unsafe behavior within the secure container. When a
suspicious activity is detected, Invincea Endpoint indicates a restore needs to be completed to return the secure
container to a clean state. The following Invincea Alert is displayed to the user.
The user can click the “Restore” button, which will destroy the dirty container and recreate a clean container.
Alternatively, the user has the option to close the notification and continue working in the dirty state, though this is not
recommended. If the user dismisses the Invincea Alert without restoring the container the Invincea Endpoint system
tray icon will turn red until the restore is completed. This serves as a reminder to the user that the container is dirty and
needs to be restored.
If an administrator chooses, the user may not be given the option to dismiss the alert as mentioned above. In this case
the user will be presented with a countdown timer that indicates when the restore will happen. Once the timer has
expired, the product will automatically execute the restore process.
It is important to note that if the restore happens by the expiring timer, a protected browser window will NOT be
displayed when the restore completes, unlike what happens during a manual restore process. A dialog box will be
displayed though to indicate that the container has been restored and the cause of the restore was a detected threat.
Note: The above dialogs display default messages. These may be customized by an administrator and show different
text.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
25
Invincea Endpoint – User Guide – v5
Software and Configuration Updates
The Invincea Endpoint software includes a software and configuration update feature that allows administrators to
update the software version and configuration of the product remotely. When a new version of the Endpoint software
has been published, there are three different ways that software update may be applied.
With the first method the software upgrade will start immediately. When this method is used the following notification
will be displayed to the user. This notification contains a countdown timer, which informs the user when the update will
be applied. The user has the ability to press the “Install Now” button if they are ready for the update, otherwise the
update will be automatically applied once the timer expires.
The second method allows the user to decide when the software update will be applied. The user can choose to press
the “Install Now” or “Install Later” button. Closing the dialog has the same effect as pressing the “Install Later” button.
Pressing the “Install Now” button will immediately exit Invincea Endpoint, closing all protected applications, and start
the upgrade process. Once the upgrade process has finished, the product will restart and the user will be presented
with a protected browser. If the user chooses to press the “Install Later” button, this will delay the install until the next
time the product is Restored or Restarted.
The final method is for the software update to be applied silently in the background with no user interaction. In this
case, the software will be silently downloaded to the client system and will go through the upgrade process the next
time the product is restored or restarted. There are no dialogs presented to the user with this method.
For all methods, while the update process is running, the user will see the following message displayed above the
system tray.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
26
Invincea Endpoint – User Guide – v5
Auto Restore
The Invincea Endpoint product has an auto-restore feature that is used to restore the secure container to a clean state
at a scheduled interval. The auto-restore feature has the ability to be pre-configured by the administrator or it can be
configured via the user preferences menu.
The auto-restore can occur in two different fashions; forced or optional. When an administrator has decided that the
auto-restore does not need to be forced, the user will be presented with the below dialog box, which gives the ability for
the auto-restore to be cancelled. By pressing the “Keep Browsing” button, the auto-restore is dismissed and will trigger
again at the next scheduled time. If the user presses the “Restore Now” button, all protected applications will be closed
and the secure container will be restored to a clean state. It is recommended that users preform the restore when the
alert is displayed.
When the administrator has decided to force the restore process the user will be presented with the below dialog,
which offers a countdown timer until the restore is to occur. When the timer expires, the restore process will occur.
Optionally, the user has the ability to press the “Restore Now” button to make the restore process happen prior to the
expiration of the timer.
For users that manage the auto-restore timer via the preference menu, it is recommended that auto-restore option be
enabled to ensure that a clean protected browser is used each day. It is recommended that the Invincea secure
container be restored every 24 hours or at least once each day. Restoring the product ensures that the secure container
is always clean and free of malicious activity.
It is also important to note that the Invincea protected browser is restarted each time the computer is restarted or a
user logs onto the PC. If this occurs, the auto-restore may not be necessary till the following day.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
27
Invincea Endpoint – User Guide – v5
Sending Support Logs to Invincea for Review
The Endpoint application has a built in log reporting tool that allows for product logs to be sent to Invincea directly for
review. This tool may be used at any time to report an issue, or certain errors within the product may request that logs
be sent to report the issue to Invincea.
The Endpoint Report Submitter dialog box provides a box to enter additional details about the error or what may have
been occurring when the error was displayed. If the dialog box displays the text (required) this field must be filled in
prior to submitting the log report.
In addition to filling out the description field, the Privacy Policy check box needs to be selected before the submit button
will be active and allow the report to be sent.
In certain cases, logs in addition to the default logs may be requested. These can be enabled by pressing the options
button prior to submitting the report. The Options button allows for additional log types and a screenshot to be
included. If using the screenshot feature, be sure that the Report Submitter dialog box is not blocking the error message
that needs to be captured before pressing the Submit button.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
28
Invincea Endpoint – User Guide – v5
NEW FEATURE – Uninstall Password
Invincea Endpoint has a new feature that prompts for a password if there is an attempt to uninstall it. If this feature is
enabled, the password set by the Administrator would need to be entered to remove the program from the computer.
If an incorrect password is entered, the message below appears. Click OK to close this message.
If Invincea Endpoint needs to be uninstalled, please contact your internal IT Administrator for assistance.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
29
Invincea Endpoint – User Guide – v5
NEW FEATURE – Installation Passthrough
Installation Passthrough is a new feature with Endpoint v5 used to intervene in the creation of processes and stop
problematic installations from occurring in the Invincea secured container. The installations can be either passed
through the Invincea secured container and run outside of Invincea, or blocked from occurring.
When the user installs or launches an application that is set to passthrough to the host, they will receive the following
dialog box with the respective name and source of the application:
Clicking allow will allow the application to be executed on the host. Clicking Cancel will stop the execution and the
process will stop.
When the user attempts to install or launch an application blocked by the administrator, they will receive the following
dialog box with respective name of the blocked application:
Proprietary – For Customer Use Only
2015
Release Date: August 14,
30
Invincea Endpoint – User Guide – v5
Invincea System Tray Options
The following section outlines the menu options available from the Invincea System Tray Icon. The System Tray Menu
can be accessed by right-clicking on the Invincea Icon in the system tray.
NOTE: The system tray icon may not be available if it has been disabled by the administrator. If it is not available,
contact your administrator for additional information.
Open Internet Explorer
“Open Internet Explorer” is used to open an Internet Explorer browser window within the Invincea secure container. If
Internet Explorer is the only browser available or is set as the preferred browser, it will appeared bold and at the top of
the menu. In the above screen shot, Internet Explorer is the preferred browser.
Open Firefox
“Open Firefox” is used to open a Mozilla Firefox browser window within the Invincea secure container. The preferred
browser defined in the preferences menu is bold and listed first. If Mozilla Firefox is not available in the secure
container, it will not be displayed in this menu.
Open Google Chrome
“Open Google Chrome” is used to open a Google Chrome browser window within the Invincea secure container. The
preferred browser defined in the preferences menu is bold and listed first. If Google Chrome is not available in the
secure container, it will not be displayed in this menu.
Restore
The “Restore” option is used to restore the Invincea secure container to a clean state if suspicious activity has been
detected or if the container needs to be reset for any other reason. It is recommended that the Invincea secure
container be restored at least once a day.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
31
Invincea Endpoint – User Guide – v5
Suspect Activity Details…
When suspicious activity has been detected by Invincea threat detection, this additional menu item will be displayed in
the system tray menu. The user may select the “Suspect Activity Details…” option to view further information regarding
the activity. The user is able to click the “Restore” button from this window to restore the Invincea secure container
back to a clean state.
Preferences…
The “Preferences…” option is used to configure settings for the Invincea secure container and protected applications,
such as auto-restore or setting Invincea Endpoint as the default browser. Depending on how the administrator has
configured the Invincea Endpoint product, some of these options may be disabled. The preference options are
explained in greater detail in the next section.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
32
Invincea Endpoint – User Guide – v5
About…
The “About…” option is used to view the current version of the Invincea software installed on the client machine, and to
view (if connected to an Invincea Management server) the CMS group and configuration revision that is currently
applied to the client. The “Help” button can be used to open a designated Help site (either the Invincea default or a
client customized version). Finally, by pressing the “Tour” button, the first run tour will be displayed.
A new feature is the Configuration Status button that launches the Preferences’ Update tab. This allows the user to
check for updates and restore if they are not on the latest configuration revision.
Exit
The “Exit” option is used to cleanly close down the Invincea secure container when it is no longer needed or when it
needs to be restarted completely. Using the “Exit” option is the only way to fully shutdown the Invincea Endpoint
product. Closing all protected application windows will leave Invincea Endpoint running in the background.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
33
Invincea Endpoint – User Guide – v5
Preference Menu Options
The following section identifies the options that are available in the user preferences interface. The Preferences
interface can be accessed by right clicking on the Invincea System tray icon and selecting “Preferences…”
It is important to note that all of the options within the user preferences interface can be administratively controlled, so
some of the options explained in the following section may be grayed out or not configurable.
The preferences menu can also be accessed from the drop down menu that is found on the top of any protected
application.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
34
Invincea Endpoint – User Guide – v5
General Tab
The General Tab provides options configuring Invincea Endpoint as the default browser, configuring if Invincea Endpoint
should start with Windows, and for changing the border color around protected windows.
Basics
The Basics section of the General tab allows modification of two different options listed below.
Always protect my default web browser
By selecting this check box, Invincea Endpoint will act as the default browser and will pass information to a protected
browser any time the default browser is invoked (such as via a hyperlink) on the PC. Unselecting this check box will set
the default browser back to the previously set default browser.
Load in the background when Windows starts
This check box will define if the Invincea Endpoint product will start automatically in the background each time the
computer is restarted. It is recommended that this option be checked so that the first time the product is used, there is
no delay in bringing up the browser window.
Border
The Border section of the General tab allows the option to enable or disable a colored border that is shown around
protected application windows. To enable the border, simply check the option box. When this box is not checked, no
border will be displayed. By default, the browser displays with a green border, but this can be customized by pressing
the “Pick Color…” button and choosing a new color from the color picker. The new color will take affect when the OK
button is pressed on the Preferences dialog.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
35
Invincea Endpoint – User Guide – v5
Color Selector Dialog
To select a new border color, select one of the pre-populated colors, or enter your own color combination. Press OK to
select the new color.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
36
Invincea Endpoint – User Guide – v5
Apps Tab
The Apps Tab provides the ability to specify which programs within the secure container will be used to handle browsing
and document protection. For web browsing, all available web browsers will be listed, and the user can choose which
browser will be preferred for browsing in the secure container. This can be done by selecting “Use this browser to open
web pages” for the browser that is preferred.
Additionally, certain applications can be specified to handle different documents types. By default, Adobe Reader is
enabled to protect PDF documents within the secure container, but other applications may be available, such as Adobe
Acrobat. Document handling can also be enabled on Internet Explorer or Firefox for static htm and html pages stored on
the local PC.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
37
Invincea Endpoint – User Guide – v5
Auto-Restore Tab
The Auto-Restore Tab provides options for configuring the Auto-Restore settings.
Automatic Restore
The Automatic Restore section of the Auto-Restore tab provides the ability to enable and disable a scheduled restore of
the Invincea secure container. The Auto-Restore can be customized to occur on a defined schedule.
Selecting the “Enable Auto-Restore” checkbox will enable the auto restore feature with the settings selected. The
restore will close all open Invincea protected applications and restore the Invincea secure container to a clean state. If
the checkbox is unselected, Auto-Restore will be disabled.
Remind me to restore my browser option
The “Remind me to restore my browser” option provides a drop down menu with three options; daily, weekly and after
elapsed. The end user will be able to customize the schedule based on these options.
Daily Option
The “Daily” option changes the dialog box to allow for the end user to select a specific time each day that the secure
container will auto restore.
Weekly Option
The “Weekly” option changes the dialog box to allow for the end user to select what day of the week the secure
container will auto-restore and at what exact time that day the auto-restore will occur.
After Elapsed Option
The “After Elapsed” option allows for the user to select the time period in hours and minutes after startup or restore
that an auto-restore will be started. This time period begins when the product is started or restored. For example, if
this option is set to 12 hours, the secure container will be restored after the container has been continually running for
that period of time. The timer resets each time a restore is done.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
38
Invincea Endpoint – User Guide – v5
Next auto-restore Display
The Next auto-restore display indicates when the next auto-restore will take place based on the settings that are
configured.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
39
Invincea Endpoint – User Guide – v5
Security Tab
The Security Tab provides options for configuring the Security settings.
Activity Blocking
The Activity Blocking section of the Security tab gives the end user the ability to configure additional options on how
certain activities are handled. Selecting the check mark in front of an option will enable that feature.
Terminate suspect processes immediately as they are detected
This option allows for the Invincea secure container to terminate suspect processes as soon as they are detected. The
end user will be notified of the infection and prompted to restore.
Remove suspect documents on detection
This option allows for the Invincea secure container to delete documents that are located on the end user’s PC if a threat
is detected within the document. This document will be permanently deleted. The user will be notified if this occurs.
An example of this option would be the user opening a PDF on their desktop that contained malicious content. This file
would be deleted from the desktop and a restore of the Invincea secure container would be executed (or prompted).
Remove downloads from an suspect session
This option allows for the Invincea secure container to immediately remove any files downloaded during a session that is
deemed infected from the host machine. The user will be notified of the deleted files at the time of infection. An
example of this option would be if the user downloaded three PDF documents with the protected browser and then
browsed to a malicious site. These three documents would be removed from the location that they were downloaded
to.
Clear all browsing data from a suspect session
This option allows for the Invincea secure container to clear all browsing data (additional bookmarks, changes to
browser settings, history, cookies, etc.) during a suspect session (when a suspicious activity alert is displayed). If the
option is not checked, then the browsing history and data will remain intact when the restore happens, even if they
Proprietary – For Customer Use Only
2015
Release Date: August 14,
40
Invincea Endpoint – User Guide – v5
have been modified by the attack (such as changing the home page to something malicious or adding in malicious
bookmarks).
Only open documents originating from the internet
This option will allow only documents that originate from the internet to be opened in an Invincea protected document
application. Documents which are created locally will be opened outside of the secure container. When not selected,
all documents will be opened in the secure container (for document types that Invincea Endpoint is default program).
Downloads
The Downloads section of the Security Tab gives the end user the ability to configure additional options on how files are
handled when downloaded.
Block unsafe file extensions from downloading
This option allows for Invincea Endpoint to immediately stop any blacklisted file types from being downloaded by a
protected browser. If this option is not checked, the files will be downloaded to the Invincea downloads folder unless an
infection is detected.
The following is the default list of file types that will be blocked by enabling this option (can be modified by an
administrator):
bas, bat, chm, cmd, com, cpl, crt, dll, exe, hlp, hta, inf, ins, isp, msc, msi, msp,
mst, pif, reg, scr, sct, shb, shs, sys, vb, vbe, vbs, wsc, wsf, wsh
Block executable downloads that are not digitally signed
This option allows for Invincea Endpoint to immediately stop any executable without digital signature from being
downloaded. Executable downloads that are digitally signed will be downloaded. If this option is not checked, all
executable files, regardless of signature status, will be downloaded to the Invincea downloads folder unless an infection
is detected.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
41
Invincea Endpoint – User Guide – v5
Update Tab
The Update Tab provides options for the software and configuration update settings.
Software Update
Users can select the check box “Automatically check for software updates” to enable auto updates. This will allow the
product to automatically check for software and configuration updates when the product is started up and on the
interval specified in the following drop down. The options are as follows.



On Restore: Upon restore from either a suspicious activity or auto-restore.
Hourly: Invincea will check for software updates every hour.
Daily: Invincea will check for software updates every day.
Users also have the ability to press the “Check Now” button to immediately check for software and configuration
updates. This can be helpful if an administrator has posted a configuration or software update and it needs to be
applied immediately. This button will always be available, even if the administrator has prevented users from being able
to modify or disable the update feature.
Configuration Status
The Configuration Status section provides additional details about the connection between the client software and the
management system it is currently configured to be managed by. The Configuration Status section provides four pieces
of information:



Version: Displays the full product name and version number of the client software
Config Server: Displays the defined URL for the management server that is currently defined
Last Heartbeat: Displays the timestamp of the last heartbeat that occurred and indicates if that heartbeat was
successful by displaying a green (success) or red (fail) icon
Proprietary – For Customer Use Only
2015
Release Date: August 14,
42
Invincea Endpoint – User Guide – v5

Group / Revision: Displays the name of the group within the management system that this host is currently part
of and which configuration revision is currently being run
Proprietary – For Customer Use Only
2015
Release Date: August 14,
43
Invincea Endpoint – User Guide – v5
Trusted Sites Tab
The Trusted Sites Tab provides the ability to remove previously stored trusted sites.
This tab displays the sites that were trusted via the “Unprotect this page” option in the drop down menu. Domains /
URLs that were specified as “Always trust this site” will be listed. If a user wishes to remove a single domain / URL from
this list, they can select the domain / URL to be removed and then can press the “Remove” button. If a user wishes to
clear all of the domains / URLs listed, they can press the “Remove All” button.
Proprietary – For Customer Use Only
2015
Release Date: August 14,
44

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz