PolicyPak for LogMeIn

What is scarier than a faceless remote user accessing your organization’s computers from far away?

And do you really trust your users to remote into your own network in the most secure fashion?

The ramifications for misconfigured settings for an application such as LogMeIn Pro could be serious.  Very serious!

And when things are serious, there’s PolicyPak.

At PolicyPak, we enforce and lock down the optimum settings values that you, the administrator, want them to have.  PolicyPak sets and enforces expectations for your users’ applications, so that they get the same experience, every time they launch it.

Keep your LogMeIn Pro configuration settings delivered, enforced and automatically remediated with PolicyPak.  Check out this video to see how it’s done:

Our PolicyPak software snaps-in to the Group Policy Editor and gives you the same user interface as LogMeIn Pro.  You need your users to be able to remote into their workstations at the office when they’re away, but they can’t if the “Enable Wake On LAN from sleep and power off” setting is disabled.  Select it, enable it, and then lock it down with PolicyPak by selecting “Hide corresponding control in target application.”  This PolicyPak feature completely hides the setting from the user.

manage-logmein-using-group-policy-policypak-0
So many of our customers use PolicyPak to configure the proxy settings for their Internet applications.  Use PolicyPak to set the “Proxy server address and port” settings for LogMeIn Pro.
manage-logmein-using-group-policy-policypak-1

As soon as a remote session times out or gets disconnected you want the application locked down to keep new and unwanted connections out.  Use PolicyPak to configure “Lock when connection has been lost” and “Lock when connection has been timed out.”  Then use our exclusive ACL Lockdown feature to prevent savvy users from modifying the setting in the registry itself.

manage-logmein-using-group-policy-policypak-2

With PolicyPak, you’re the one in control.

Besides, once you’re using PolicyPak to manage LogMeIn Pro, you’ll also get to manage all your other enterprise desktop applications the same way: Flash, Lync, Java, Firefox, and any custom applications you have. They’re 100% included – absolutely free.

It’s all included when you’re a PolicyPak Professional customer.

PolicyPak was designed by Group Policy MVP Jeremy Moskowitz – who “wrote the book” on Group Policy, runs GPanswers.com, and lives and breathes Group Policy and enterprise software deployments and desktop lockdown.

When you’re ready to get serious about managing LogMeIn Pro, PolicyPak is ready for you.

Lockdown LogMeIn Video Transcript

Hi, this is Jeremy Moskowitz, Group Policy MVP and Founder of PolicyPak Software. In this video, we’re going to learn how to configure LogMeIn using PolicyPak.

I’ve already got LogMeIn installed on my computer, and I’m just a regular user here.  As you can see, I’m logged on as a guy called “eastsalesuser4.”

I’ll run LogmeIn and then go to its Options.

As you can see I have the Pro edition installed here but the settings for the free edition are almost identical.  We’ll start here in “General” where I have some settings for such things as “Locking the host computer.”  On “Security” I have some security minded settings such as “Denial of Service attack blocker” and “Authentication attack blocker.”  Advanced includes all types of features such as Proxy Settings and Wake on LAN.

We won’t set all of these in this demonstration, just a few to show you what can generally be done.

Now let’s see how we can ensure compliance and perform desktop management of settings quickly using PolicyPak. I’ll go ahead and switch over to my Management Station computer.

We’ll go ahead and right click over our “East Sales Users”, “Create a GPO” and we’re going to call it “Lockdown LogMeIn.” So this GPO is now associated with the “East Sales Users.” I’ll right click over it. I’ll click “Edit…” I’ll dive down under “User Configuration,” PolicyPak/Applications/New/Application.” There it is, “PolicyPak for “LogMeIn” along with other applications like “Java,” “Flash” “Firefox,” “Skype” and lots of other important desktop applications that your users utilize every day (and you want to make more secure).

Let’s start with “General.”  Here we have three settings that lock down the computer.  I’m going to make sure these last two, “Lock when connection has been lost” and “Lock when connection has been timed out” are always checked.  Notice how when I unchecked these settings that the text became underlined.  This means that these setting values will be delivered by PolicyPak.  To ensure these settings aren’t altered at all by my users I’m going to right click on each one and select “Hide corresponding control from target application” so these settings will no longer be visible to my users.

In “Security” I have some settings here for “Authentication attack blocker.”  I’m going to set “Number of invalid attempts allowed” to 7.  Finally I’ll go to Advanced and configure the proxy address for the network and then I will right click and select “Disable corresponding control in target application” so that users can’t alter this setting as well.

Now I will go back to my client machine, we’ll get a command prompt and run “gpupdate.”  Now you could envision the user logging on for the very first time, using a Terminal Services or Citrix machine, using a VDI session, changing job roles, or getting a new computer.   I just happen to be using gpupdate.

Remember: Its PolicyPak performs the magic. To get the magic delivered, you can use Group Policy, SCCM, LanDesk, KACE or your own systems management software.  Even if the user is offline, your settings are always preserved because PolicyPak is always working for you in the background, making sure what you set is what they get.

Now let’s open up LogMeIn again and check our settings.  Notice that the two settings we manipulated on the General Tab, “Lock when connection has been lost” and “Lock when connection has been timed out” are just.. missing. They’re set by PolicyPak and also hidden by PolicyPak.

We’ll do a quick check in Security and confirm that the “Number of invalid attempts allowed” is set to 7 like what we wanted.

Finally let’s go to Advanced and we see that our “Proxy server address port” is set to our special IP address with the port too.

And we are done. That is how incredibly easy it is for you to use PolicyPak to manage LogMeIn as well as tons of other desktop applications.

If you’re looking for a trial of PolicyPak, just click on the “Webinar / Download” button on the right.

Thanks so much for watching, and get in touch with us if you’re looking to get started. Talk to you soon.