Can I use Active Directory to distribute, enforce or audit MetaDefender Endpoint usage?

Yes, you can. Microsoft Active Directory is a powerful directory service that can be used to distribute, enforce and audit MetaDefender Endpoint usage on managed endpoint PCs.

Distribution through one-time, Automatic Installation

Because it is packaged as a Microsoft Software Installer (or MSI), the persistent MetaDefender Endpoint facilitates streamlined distribution to all managed endpoints.

A simple, one-time installation can be performed by hosting your MetaDefender Endpoint installer in a central location, and then referencing it as a parameter to MSIEXEC.

For example, the following line would execute a silent installation of an MetaDefender Endpoint installer, hosted on a shared network drive that is mounted as drive Z:

Z: MSIEXEC /a "Z:\Shared\Public\OPSWAT_GEARS_Client_3445-2e5e65e6b68ce141d-0.msi" /qn

Enforcement through Software Assignment

Active Directory can not only be used to distribute and install the software, as mentioned above, but also to enforce that it remains installed.

In Active Directory terms, this is known as ‘assigning software.’

You have the option to assign software to authenticated users or machines. Both are viable options, and you should choose the one that aligns with your other corporate software installations and infrastructure.

To learn more, read the official Microsoft guide, found Here.

Auditing through Policy creation

Besides that, Active Directory also facilitates auditing by giving administrators the option to create audit policies.

These can be used to record events such as processes being created and/or terminated on your managed devices.

When combined with event log forwarding, this tool is highly effective in providing a centralized view of all process changes across your organizational network.

The downside is that filtering for a specific process (e.g, GearsAgentService.exe) is not natively supported by Active Directory.