Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Adjusting Process Security allows a process to be protected from most tampering by users. For example, adjusting process security can restrict who can stop a process from the task manager. We recommend that you adjust process security in a test environment before you deploy it to the production environment.

To include a Process Security Descriptor action in an Application Control policy, you must create a security descriptor and a process security action.

Create a Security Descriptor

The Security Descriptor defines who has what rights to the process that is started. As shown in the following screenshot, you can create a new Process Security Descriptor by clicking Security Descriptors - User Defined.

Image Added

 

Then define what rights each user or group has to the process, as shown in the following screenshot.

This feature was Introduced in version 7.1 SP3
Warning
Note
titleIntroduced in 7.1 SP3
titleDraft

Creation in process

Info
titleSummary

Excerpt

Adjusts the Security Descriptor of the target process to usually harden the process from tampering

Caution

We strongly recommended that you always set System has Full Control in the security descriptor settings.

 

Image Added

For detailed instructions about how to create a security descriptor, go to Security descriptors.

Create a Process Security Action

A Process Security Descriptor action applies restrictions to the process. To create a Process Security Descriptor action, do the following steps:

  1. In the Policies tab of the Security Manager Console, right-click the Process Security folder.
  2. Click New > Set Process Security Descriptor Action.
    Image Added
  3. Create a name for the new Process Security Descriptor Action.
  4. Click the Select... link.
    Image Added 
  5. Click the Security Descriptor that you want to attach the new action to.
    Image Added
  6. Click Save

The new action appears in the list of actions available in the Process Security folder. It is now available to include in an Application Control policy. For details about creating an Application Control policy, go to Create Application Control Policies.

Policies