Login to participate
Endpoint Management & Virtualization BlogsRSS

Quasi-AutoCapture With SVS 2.x

Scott Jones's picture
Scott Jones
April 30th, 2008
Filed under: , ,

The Holy Grail of potential SVS features for many of us is AutoCapture. The idea behind AutoCapture is that end users should be able to do what they (we) normally do -- like install every CD anyone hands them or download all kinds of crazy stuff from the Internet -- but ensure that this non-standard software stays isolated, so that it a) won't break the corporate standard apps and b) can be cleanly removed if needed.

This functionality is in the bucket for a future version of SVS. In the meantime, some innovative folks have done creative things with the existing SVS 2.x product to get one step closer to the dream. For example, M-Soft produced Application Control Solution (available from Symantec), which can put unknown software in an SVS "quarantine layer" (a layer type specific to the App Control product). This allows it to run but not impact anything else on the PC. Also, we have a major SVS customer that's developing a cool solution that allows physicians to install software for one-time use as needed to view image files or other medical data. Apparently there a dozens of possible apps that could be used to view this type of content, and IT can't anticipate all of them. Plus some of them are kind of nasty with what they do to a box. Now, under the covers the install goes into the writable sublayer of a standard, empty SVS application layer. When the doc is done looking at the X-ray, the app just disappears.

What I personally want is to download something from Download.com and quickly install it, without having to deactivate all my SVS layers or crank up a VM to capture it into a new application layer. I freely admit, I've actually given in to the temptation a couple times and installed crapware to my base 'cause I was in too much of a hurry (or just plain lazy).

Well, I have a solution!

The trick is to get the executable you download into an application layer, so that when you run it, changes to the system stay within that layer. We talk a lot about keeping data (like Web downloads) out of app layers (using excludes or data layers) so it's not affected by a reset or app layer deactivation/deletion. But I submit that there's a pretty compelling case for intentionally keeping (at least some stuff, as an available option) in an app layer.

Here's what I did. Normally, my downloads either go into my data layer (I have a "Download" directory under "My Documents" and "My Documents" is in a data layer) or to the base (I have an exclusion for C:\Temp, which is where I park stuff when I absolutely want it in the base for whatever reason). My config is documented here. But now, within my Firefox layer (of course, I only ever use Firefox as my Web browser, virtualized), I have added a folder called C:\Firefox Downloads.

Recently, I wanted to do a quick edit of an icon file -- something I do maybe once every two years -- so I grabbed IconCool, which happened to come up at the top of the list on my Download.com search and did the job. I downloaded the IconCool installer to C:\Firefox Downloads and ran it from there. And guess what -- the install went to the writable sublayer of my Firefox layer. When I was done with the software, I clicked reset and it was gone. No extra steps required to create a separate layer just for IconCool, but I got all the benefits of SVS.

Now, this is definitely a power user tip. When the real-deal AutoCapture ships, end users shouldn't have to worry about where they downloaded something to. But for those of us who are technically inclined, knowing "hey, if I put that installer in this location, the app will be virtualized and I can clean it up with a reset" is very cool.

Prerequisites for this to work well: If your Firefox profile ([APPDATA]\Mozilla + [LOCALAPPDATA]\Mozilla\Firefox\Profiles) is already excluded or in a data layer, and if your Firefox plug-ins (e.g., Flash Player) are in the Firefox read-only, or in separate application layers, you will have no negative impact from resetting Firefox frequently. In fact, I'm thinking about launching Firefox with a script like what the SVSDownloads guys do with their "Internet Explorer - Reset On Close" layer so that it automatically resets after every use (which, btw, will also eventually be a native feature of SVS that we call "Secure Mode").

Enjoy, and... Excelsior!

0 votes