When the laptop first arrived, I saw options for both EWF (Enhanced Write Filter) and FBWF (File Based Write Filter). I didn't yet know what it meant, that every change I made would go away after a reboot. It is a neat feature - with the hard drive locked down, if any malware or virus gets installed, just reboot!
I noticed that there was an image of XPe on HP's web site that had a slightly higher dot version than what I was running - 2.1.142 versus 2.1.136. I promptly downloaded and flashed the hard drive and started customizing. I learned about EWF and FBWF, but noticed I no longer had FBWF. (Of course I didn't take a flash image of the drive before reflashing.) HP's web site was very unhelpful when it came to FBWF, in fact the only hit was on the manual for the 4410t, that it was a feature. But where did the feature go? I called tech support and reached an experienced EWF tech that didn't know about FBWF. He was able to point me though to a different image for the 4410t - WES. He suggested I try it, and lo and behold the newer OS had the newer FBWF in addition to EWF.
EWF locks the hard drive down at the bit level. All attempted writes are written to an overlay in RAM. If you choose, you can commit the overlay to the hard drive. In normal operation, if you log off and back on the overlay is still there, but if you restart it is wiped and you are back to your clean environment from the flash drive.
FBWF locks the hard drive down at the file level. It works the same way as EWF except you can allow exceptions for files and folders - writes to these exceptions are written directly to the flash hard drive while everything else goes to the RAM overlay. If you choose, you can commit a single file or folder change to the hard drive.
I'm using FBWF so that our sales staff can keep changes to their profile across reboots. I've opened up the entire 'Documents and Settings' folder for them, so this includes Desktop, App settings, and their User registry. I've also opened up the Local Machine registry file so the DST time change setting is retained (I was losing an hour every time I rebooted :) and services can be changed if necessary.
btw the 4410t comes from HP customized so that browser cache, temp files, and a few other files are written to a RAM disk, so these files are kept off of the hard drive.
I found this post extremely helpful when deciding what to exclude from FBWF - Everything you wanted to know about FBWF but were afraid to ask? I'm not sure why some things are excluded, like WBEM, and it looks like the poster got more detailed than I in opening up portions of the Local Machine registry only. Comments on the post are closed, but maybe for my next build I'll dig into it a bit more. :D
Hopefully I've struck a decent balance between protecting against malware and viruses and making it easy for the user to use the laptop without a USB flash drive. We are choosing against using an anti-virus client, but all traffic from the laptop to our network is wireless and is scanned by our firewall.
chris
Wednesday, November 18, 2009
Tuesday, November 17, 2009
HP thin client 4410t
We're rolling out new thin client laptops at my newspaper to replace older Neoware m100s. I think HP incorporated the best of Neoware into its own models when it bought them a couple of years back.
The m100s have a flash hard drive of only 512 megs, running Win XPe (XP embedded). Being older, they are bigger and heavier than the 4410ts.
I like this new model - 2 Gb flash hard drive, smaller and lighter - although the screen could be a bit bigger. You can get a standard image from HP with either Win XPe or the newer WES - Windows Embedded Standard. Funny thing, the splash screen still says XPe!
The next few posts will detail some of the issues I've run into and overcome while building out a customized image.
chris
The m100s have a flash hard drive of only 512 megs, running Win XPe (XP embedded). Being older, they are bigger and heavier than the 4410ts.
I like this new model - 2 Gb flash hard drive, smaller and lighter - although the screen could be a bit bigger. You can get a standard image from HP with either Win XPe or the newer WES - Windows Embedded Standard. Funny thing, the splash screen still says XPe!
The next few posts will detail some of the issues I've run into and overcome while building out a customized image.
chris
Welcome!
"Open Source. It's the difference between trust and antitrust."
In a similar way to the slogan on the t-shirt I received at Linux World in the early 00s, I believe in open communication and knowledge. I've just never joined the web bandwagon, even though many times I thought about sharing my solutions.
Well, here it is - my first blog! Welcome, and I hope you find something useful here.
thanks,
chris
In a similar way to the slogan on the t-shirt I received at Linux World in the early 00s, I believe in open communication and knowledge. I've just never joined the web bandwagon, even though many times I thought about sharing my solutions.
Well, here it is - my first blog! Welcome, and I hope you find something useful here.
thanks,
chris
[edit 5/14/2011]
Subscribe to:
Posts (Atom)