New UI Changes for Endpoint Security in LDMS 9.6 SP2.

Slides:

Advertisements

Similar presentations

Module 2 Navigation.     Homepage Homepage  Navigation pane that holds the Applications and Modules  Click the double down arrow on the right of.

Advertisements

OpenCMS and the MSASS Website. A Note on Terminology Locking a file for editing: No lockNOT locked You have write/edit access Someone else has write.

®® Microsoft Windows 7 Windows Tutorial 8 Connecting to Networks with Mobile Computing.

DNR-322L & DNR-326.

XP Tutorial 4 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Personalizing Your Windows Environment Tutorial 4.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

User Management DigiTool Version 3.0. User Management 2 User Architecture PatronsStaff Users DepositorsApprovers Meditor User Management Management Module.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.

1 of 6 Parts of Your Notebook Below is a graphic overview of the different parts of a OneNote 2007 notebook. Microsoft ® OneNote ® 2007 notebooks are digital.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

Maintaining and Updating Windows Server 2008

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

Designed By: Technical Training Department

File sharing. Connect the two win 7 systems with LAN card Open the network.

How to Get The Most Out of Outlook 2003 Michele Schwartzman Division of Customer Support Summer 2006.

Configuring Task Scheduler Lesson 9. Skills Matrix Technology SkillObjective Domain SkillDomain # Understanding Task Scheduler Configure and manage the.

June 5, 2013 XenClient Enterprise 5.0 Engine VNC Remote Access.

1. 2 LXU800 User’s Manual 1.Installation – Windows XP UI Features Introduction Data Connection & Disconnection.

1 Outlook Live Live Messenger SkyDrive Office Live Live Spaces Live Groups.

Windows Tutorial 9 Maintaining Hardware and Software

© Copyright 2013 TONE SOFTWARE CORPORATION. Confidential and Proprietary. All rights reserved. ® Basic Administrator Training – Release Adding Users.

Guide to MCSE , Second Edition, Enhanced 1 Objectives Understand and use the Control Panel applets Describe the versatility of the Microsoft Management.

Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.

1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.

Ch 11 Managing System Reliability and Availability 1.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

1 Chapter Overview Understanding Group Policies Implementing Group Policies Using Security Policies Troubleshooting Group Policy Problems.

Pasewark & Pasewark 1 Outlook Lesson 1 Outlook Basics and Microsoft Office 2007: Introductory.

OFFICE 365 C&G USER TRAINING. PRESENT BY MICROSOFT SOLUTION ENTERPRISE SECTION.

MagicInfo Pro Server Software All control, content, and scheduling is performed within the MagicInfo Pro Server software previously installed. Before.

Advanced User Guide to Outlook and all its features.

Using Windows Firewall and Windows Defender

Home Media Network Hard Drive Training for Update to 2.0 By Erik Collett Revised for Firmware Update.

| | Tel: | | Computer Training & Personal Development Outlook Express Complete.

Copyright 2000 eMation SECURITY - Controlling Data Access with

1 Chapter Overview Configuring and Troubleshooting the Display Configuring Power Management Configuring Operating System Settings Configuring and Troubleshooting.

Microsoft Windows Vista Chapter 1 Fundamentals of Using Microsoft Windows Vista.

DSL-2544N Dual Band Wireless N600 Gigabit ADSL2+ Modem Router

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

ServerProtect 5.58 for NT Tech Support Dep.. Table of Contents Introduction and Installation Managing ServerProtect Configuring ServerProtect Maintaining.

1. Insert the Resource CD into your CD-ROM drive, click Start and choose Run. In the field that appears, enter F:\XXX\Setup.exe (if “F” is the letter of.

Getting Started with BDI-2™ Mobile Data Solution for Windows®

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Overview Introduction to Managing User Environments Introduction to Administrative Templates Using Administrative Templates in Group Policy Assigning Scripts.

Computing Fundamentals Module Lesson 3 — Changing Settings and Customizing the Desktop Computer Literacy BASICS.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.

South Dakota Library Network Aleph Tables Training ~ Aleph Administration © South Dakota Library Network, 2008 ©Ex Libris (USA), 2004 Modified for SDLN.

Getting Started with OPC.NET OPC.NET Software Client Interface Client Base Server Base OPC Wrapper OPC COM Server Server Interface WCF Alternate.

Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.

Virtual Infrastructure Web Access Product Support Engineering VMware Confidential.

NetTech Solutions Security and Security Permissions Lesson Nine.

Envision Tutorial Horner APG, LLC July 18, Introduction The Cscape Remote Viewer allows remote interaction with the user interface on Horner OCS.

IS493 INFORMATION SECURITY TUTORIAL # 1 (S ) ASHRAF YOUSSEF.

Managing File Resource Using File Server Resource Manager Chapter 9 Advance Computer Network Lecture Sorn Pisey

A user guide to accessing, reviewing and contributing to the Online Registry System.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring Windows Server 2008 Printing.

1 Chapter Overview Monitoring Access to Shared Folders Creating and Sharing Local and Remote Folders Monitoring Network Users Using Offline Folders and.

What’s New in Fireware v WatchGuard Training.

Fab25 User Training Cerium Labs LabCollector - LIMS Lynette Ballast.

Maintaining and Updating Windows Server 2008 Lesson 8.

Fixing Windows 10 Automatic Updates Install Problem

© CGI Group Inc. User Guide Subversion client TortoiseSVN.

Windows Vista Configuration MCTS : Internet Explorer 7.0.

SQL Database Management

Multi-host Internet Access Portal (MIAP) Enhancement Guide

Presentation transcript:

New UI Changes for Endpoint Security in LDMS 9.6 SP2

SP2 client changes – New UI Protection Status Purpose: Display the EPS component status. Notes: The status is automatically refreshed on every changes. Hovering a component name will display the configuration name (as defined on the console side). Clicking on the “View” button will open the “Detailed activity” page

SP2 client changes – New UI Program activity Purpose: Display running processes and their permission levels Notes: The list is refreshed in real-time Icon colors signification: Red: the process has no permissions (just allowed to run) Yellow: the process has some permissions (see permissions details for more information) Green : the process has maximum permissions Details: open the permission page – Same as double-clicking on the process Notify (checkbox): Display notification (violations …) for this process in the “Detailed activity” page – this is a permanent setting recorded in the registry Terminate: Kill the program – work only if the user has sufficient privileges; i.e. a user cannot terminate a system process. Right-clicking on a process in the list will display the following context menu:

SP2 client changes – New UI Running process permissions Purpose: Allow to display and modify the permissions of the running process Notes: These changes only affect the selected process – i.e. if there’s two notepad.exe instances running on the system, modify the permissions for one won’t affect the other. These changes are volatiles (remains only until the process termination), unless the checkbox “Add to local trusted file list” is checked.

SP2 client changes – New UI Startup Purpose: Display programs/dlls that can be unexpectedly executed, i.e.: startup, scheduled tasks, browser ActiveX plugins … Notes: The list is refreshed in real-time The categories are: Browser objects: Internet Explorer/ActiveX plugins Startup folders: Windows startup folders Startup files: INI files Startup registry: Various registry location allowing program execution Scheduled task: entries in c:\windows\tasks Services: entries in HKLM\ S YSTEM\CurrentControlSet\Services Details: open the details page – Same as double-clicking on the item Disable/Enable: disable or enable the item – A disabled item will be shown in gray in the tree list Right-clicking on a process in the list will display the following context menu:

SP2 client changes – New UI Startup item details Purpose: Allow to display the details of the startup item Notes: Only available information are displayed. The “Date” information is the date when the item was added into the system. It’s only known for item that were added after the EPS Client Installation

SP2 client changes – New UI Trusted file list Purpose: Allow to add, display/modify, and remove permissions of the processes stored in the Trusted File List (TFL), for both local and remote (core) lists. Notes: The list is refreshed in real-time You can add a file to both local and remote (core) TFL, but only local entries can be modified; core’s entries must be modified using the console. Entries added to the remote/core TFL are added to the ActionHistory.xml file and sent to the core by vulscan.exe. The EPS client temporarily add the entry in the remote.db file, until this file is overwritten by the updated core’s TFL. Double-clicking on an entry in the list will display the permission details

SP2 client changes – New UI Trusted file list details Purpose: Allow to display and modify the permissions stored in the TFL Notes: Clicking on Apply will save the permissions in the TFL (local only, the button is grayed while displaying the remote/core TFL).

SP2 client changes – New UI Detailed Activity Purpose: Display the EPS events, signaled by the EPS service Notes: Right clicking on an event will display the following context menu: Notify Violations: When unchecked, the EPS client won’t display notification when the process raise a violation (the process will still be blocked as expected) Learn globally: Add the required permissions to the core’s TFL, so the process won’t be alerted next time (password required) Learn locally: Add the required permissions to the local TFL, so the process won’t be alerted next time (password required) Request exception: Send a request to the administrator to ask him this file to be added to the core’s TFL.

SP2 client changes – New UI Configuration page Purpose: Allow to switch the EPS mode, globally, or for each component Notes: The ON/OFF toggle button allow to disable (and re-enable) all EPS components at once (password required) The drop-downs allow to change the mode for each EPS component. Supported mode are Disabled, Learning, Logging and Blocking modes, except for Device Control which only support Enabling/Disabling (no logging or learning).

SP2 client changes – New UI Advanced menu Install authorized program: Install the selected program (browse to select) with the “Authorized installer” permission, which meant that: The selected program won’t be blocked Its child processes won’t be blocked too Executables file created by this program or child processes will be allowed to execute, and allowed to be added to the system startup Help: Display the online help (requires an internet connection). About: Display the “About” dialog

SP2 client changes – New UI “Extended” menu Opening the above drop-down menu while pressing LSHIFT+LCTRL will show some additional items : “Enable debug mode” Enable the EPS debug mode for full log generation. Once the debug mode is enabled, the drop-down menu will display Clicking on “Generate debug logs” will create a file named “eps-logs.zip” on the desktop This file contains the required information to send to the support when there’s an issue. “Activity log” Allow to display the client activity log – May be useful to diagnose an issue.

SP2 client changes – New UI Removed items Items that were on the old EPS UI, but that were dropped on the new UI: -Activity log; not useful for end-user, moved in the “extended” drop-down menu -Options (read-only); this information was read-only and partial – not useful for end-user -Status screen: o BOP Status -Programs: o Button to filter Windows processes o Network tab displaying programs using the network -Protection; whole screen was removed : this information was read-only and partial – not useful for end-user

SP2 core changes  Exception requested by users

Thank You