Re-imaging (Wiki)

The content of the Security Analogies wiki is now available here, under the GNU Free Documentation License 1.2.

Thanks to Tech109 for the content of this page.

Definition

Sometimes when a computer has become infected with malware or has otherwise become corrupted, the best option for restoring the computer to a secure, functional state is to simply re-image it.

Re-imaging a computer involves re-installing the operating system, plus any configuration changes and software packages, using what is known as an image file. The image file is created using specialized software that captures a "snapshot" of a pre-configured computer and saves it to one or more files. These files then can be loaded onto the hard drive of other computers to create what is essentially a clone of the computer from which they originated.

The Oil Painting Analogy

Let's say you need 100 identical oil paintings. The oil painting has several elements that must be present, including a house, a tree, a dog and a person. These copies are to be distributed and displayed in offices around the country. One method to create these paintings would be to hire several artists to paint versions of the painting, using the criteria listed above. Of course, this would take quite a bit of time, cost quite a bit of money, and would result in copies that are not exactly the same as each other. If each artist follows the criteria, each painting will contain a house, tree, dog and person, but the size, color and placement of each object in the painting may differ slightly. Plus, there is always the chance that one or more artists will not follow the instructions correctly, resulting in faulty paintings.

On the other hand, you could have one artist create an original painting that meets the criteria, and then have other skilled artists paint exact copies of the painting. If you weren't concerned about what medium each painting was printed on, you could even make 100 Xerox copies of the painting to ensure that each copy is exactly the same.

Now, let's say you need 100 computers set up to be distributed to those same offices. Each computer must have the same operating system, same configurations, and the same software installed on top of the operating system. One way to do this would be to have several technicians set up computers by manually installing the operating system, then making the configuration changes, and finally installing the software, based on your instructions. This would not only be time-consuming and expensive, it would most likely result in many of the computers being set up slightly differently, and even erroneously, depending on how each technician interprets your instructions.

On the other hand, if you have one technician setup a computer and make sure it meets your criteria, then save a copy of that complete setup (the image file) and distribute the copies to other technicians, they can setup the 100 computers using the same image. This will result in virtually identical computer setups for all your offices, which will help ensure greater security, as well as saving time, money and resources.

WebSanity Top Secret