I've been installing siteadvisor in agent using ePO management in our office to prevent employees from browsing non work-related sites and it was successfully installed to Mozilla firefox, IE and Google Chrome. When I check every browser if the policies that I created was successfully working, I was disappointed by the google chrome browser due to siteadvisor extension is manually intgrate to browser and can be remove by the agent. The only thing that I can do to prevent agent from browsing to non work-related sites is to apply a policy to disable google chrome and prevent agent for using it..
The problem is my co-employees are complaing that they cannot use google chrome and they dont want to use either firefox or IE.
We're using and evaluate McAfee Endpoint Protecton Suite ( Evaluation) because my boss is planning to puchase this product..I've been amaze by its capability to manage especially by applying policies and prevent clients/agent from uninstalling it from their computer and also its Data Loss Protection (DLP) capabilty to manage devices and applications.
We are enforcing this by GPO. Take a look at https://support.google.com/chrome/a/answer/188453?hl=en where you can create a policy to blacklist all extensions and whitelist only SAE and forceinstall if needed. Hope this helps!
Thanks for the reply but the problem is I dont have active directory where i can manage Group Policy.. Any other suggestionS??or can you give some steps on how to use GPO to prevent agent from disable SAE..I dont really understand the link that you given to me...
I have been working on forcing this to be automatically enabled using GPO for a few days now and have had no luck. It sounds like from your post that you have enforced it via GPO. I've tried numerous configurations using the examples in the Chrome Business guide, still no luck. Any chance you could assist with the steps you used? Since SAE isn't published to the Google Store, I assume the CRX has to be hosted on another accessible corporate server. Here are the steps I've taken:
1) Deployed the business version of Chrome 31 (from http://www.google.com/intl/en/chrome/business/browser/admin/)
2) Configured a webserver to host the CRX extension and posted it there. it is located here: http://myserver.mydomain.com/McChPlg.crx I can access it to have it download via IE and Chrome. Got the Extension ID from an installed version of SAE 3.5 Patch 2 with the latests hotfixes. (feobgjncdknhelkhjpiejdbpliekmfaj)
3) Downloaded the latest GPO policies and imported in our our AD GPO
4) Configured the "Configure the list of force-installed extensions" - added: feobgjncdknhelkhjpiejdbpliekmfaj;http://myserver.mydomain.com/McChPlg.crx
5) Configured the "Configure extension installation whitelist": added: feobgjncdknhelkhjpiejdbpliekmfaj
6) Configured the "Configure extension, app, and user script install sources": - added: http://*.mydomain.com/*
7) Did a gpupdate /force
8) I see it in the chrome://policy and all are coming back with status of "OK"
9) Tested and it is not being automatically enabled.
I verified the GPO forcing is working correctly by adding to the "Configure the list of foce-installed extensions" a test extension of the Google Dictionary. Right as I did the guupdate, the extension appeared in Chrome, so I know the GPO policies are enforcing correctly.
I've opened a case with McAfee and of course they said, currently we don't have a workaround for you. But your post saying you are enforcing via GPO gives me great hope.
I greatly appreciate any assistance.
My apologies, in our testing we were able to block all extensions and whitelist SiteAdvisor by specificing the extension GUID but like yourself we are having issues forcing the install of the software. Users are still able to uncheck the enforcement of this extension and even installing requires a user to allow it. Looking at https://code.google.com/p/chromium/issues/detail?id=185019 this looks like its because the extension is not hosted in the app store and is instead hosted by McAfee locally. Google blocks all attempts for software to silently install in an effort curb any form of malware gettting through and to make sure that the user gives permission. Another thread suggests that McAfee is working on re-implementing SAE to work natively like VSE and not be installed as an extension which would bypass this issue altogether.
Anyone have any comments?