Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 16 Next »

Adjusting Process Security allows a process to be protected from most tampering by users. For example, adjusting process security can restrict who can stop a process from the task manager. We recommend that you adjust process security in a test environment before you deploy it to the production environment.

Create a Security Descriptor

The Security Descriptor defines who has what rights to the process that is started. As shown in the following screenshot, you can create a new Process Security Descriptor by clicking Security Descriptors - User Defined.

 

Then define what rights each user or group has to the process, as shown in the following screenshot.

Caution

We strongly recommended that you always set System has Full Control in the security descriptor settings.

 

Creation of a Process Security Action

The Process Security Action is what applies the restrictions to the process when it is created.

After creating of the new "Set Process Security Descriptor Action" rename the action and choose the newly created Security Descriptor and select Save. The new action appears in the list of actions available under Process Security.

Create a new Application Control Policy

After creating a new Application Control Policy and choosing which application(s) it applies to, change the application action to include the new Process Security Descriptor Action

  • No labels