New UI Changes for Endpoint Security in LDMS 9.6 SP2.

1 New UI Changes for Endpoint Security in LDMS 9.6 SP2

2 SP2 client changes – New UI: Protection Status
Purpose: Display the EPS component status.
Notes:
- The status is automatically refreshed on every change.
- Hovering over a component name displays the configuration name (as defined on the console side).
- Clicking the “View” button opens the “Detailed activity” page.

3 SP2 client changes – New UI: Program activity
Purpose: Display running processes and their permission levels.
Notes:
- The list is refreshed in real time.
- Icon color meanings:
  - Red: the process has no permissions (it is only allowed to run)
  - Yellow: the process has some permissions (see the permission details for more information)
  - Green: the process has maximum permissions
- Details: opens the permission page (same as double-clicking the process).
- Notify (checkbox): displays notifications (violations …) for this process in the “Detailed activity” page. This is a permanent setting recorded in the registry.
- Terminate: kills the program. This works only if the user has sufficient privileges; i.e. a user cannot terminate a system process.
- Right-clicking a process in the list displays a context menu.

4 SP2 client changes – New UI: Running process permissions
Purpose: Display and modify the permissions of the running process.
Notes:
- These changes affect only the selected process; i.e. if two notepad.exe instances are running on the system, modifying the permissions of one won’t affect the other.
- These changes are volatile (they last only until the process terminates), unless the “Add to local trusted file list” checkbox is checked.

5 SP2 client changes – New UI: Startup
Purpose: Display programs/DLLs that can be executed unexpectedly, i.e. startup, scheduled tasks, browser ActiveX plugins …
Notes:
- The list is refreshed in real time.
- The categories are:
  - Browser objects: Internet Explorer/ActiveX plugins
  - Startup folders: Windows startup folders
  - Startup files: INI files
  - Startup registry: various registry locations allowing program execution
  - Scheduled task: entries in c:\windows\tasks
  - Services: entries in HKLM\SYSTEM\CurrentControlSet\Services
- Details: opens the details page (same as double-clicking the item).
- Disable/Enable: disables or enables the item. A disabled item is shown in gray in the tree list.
- Right-clicking a process in the list displays a context menu.

6 SP2 client changes – New UI: Startup item details
Purpose: Display the details of the startup item.
Notes:
- Only available information is displayed.
- The “Date” information is the date when the item was added to the system. It is only known for items that were added after the EPS client installation.
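An independent cross-check of the Startup categories listed on slide 5, as an added PowerShell example (not EPS client code and not part of the presentation). The c:\windows\tasks folder and the Services key come from the slide; the Browser Helper Objects key, Run/RunOnce keys, startup folders and win.ini entries are assumed stand-ins for locations the slide names only generically.

```powershell
# Added example: list autostart entries by the categories shown on the Startup page.
# "Assumed" locations are common Windows defaults, not taken from the slides.
$entries = New-Object System.Collections.Generic.List[object]
function Add-StartupEntry($Category, $Name, $Target) {
    $entries.Add([pscustomobject]@{ Category = $Category; Name = $Name; Target = $Target })
}
$cv = 'SOFTWARE\Microsoft\Windows\CurrentVersion'

# Browser objects (assumed: Internet Explorer Browser Helper Objects)
Get-ChildItem "HKLM:\$cv\Explorer\Browser Helper Objects" -ErrorAction SilentlyContinue |
    ForEach-Object { Add-StartupEntry 'Browser objects' $_.PSChildName $_.Name }

# Startup folders (per-user and all-users)
foreach ($folder in 'Startup', 'CommonStartup') {
    Get-ChildItem ([Environment]::GetFolderPath($folder)) -File -ErrorAction SilentlyContinue |
        ForEach-Object { Add-StartupEntry 'Startup folders' $_.Name $_.FullName }
}

# Startup files (assumed: load=/run= lines in win.ini)
Select-String -Path "$env:windir\win.ini" -Pattern '^\s*(load|run)\s*=\s*(\S.*)$' -ErrorAction SilentlyContinue |
    ForEach-Object { $g = $_.Matches[0].Groups; Add-StartupEntry 'Startup files' $g[1].Value $g[2].Value }

# Startup registry (assumed: Run and RunOnce under HKLM and HKCU)
foreach ($key in "HKLM:\$cv\Run", "HKLM:\$cv\RunOnce", "HKCU:\$cv\Run", "HKCU:\$cv\RunOnce") {
    $k = Get-Item $key -ErrorAction SilentlyContinue
    if ($k) { foreach ($v in $k.GetValueNames()) { Add-StartupEntry 'Startup registry' $v $k.GetValue($v) } }
}

# Scheduled task: legacy .job files in the folder named on the slide
Get-ChildItem "$env:windir\Tasks" -Filter *.job -ErrorAction SilentlyContinue |
    ForEach-Object { Add-StartupEntry 'Scheduled task' $_.Name $_.FullName }

# Services: key named on the slide; Start = 2 means automatic start
Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services' -ErrorAction SilentlyContinue | ForEach-Object {
    $path = $_.GetValue('ImagePath')
    if ($path -and $_.GetValue('Start') -eq 2) { Add-StartupEntry 'Services' $_.PSChildName $path }
}

$entries | Sort-Object Category, Name | Format-Table -AutoSize -Wrap
```

Entries that appear here but not in the client's Startup list, or the reverse, are the ones worth reviewing.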

7 SP2 client changes – New UI: Trusted file list
Purpose: Add, display/modify, and remove permissions of the processes stored in the Trusted File List (TFL), for both local and remote (core) lists.
Notes:
- The list is refreshed in real time.
- You can add a file to both the local and remote (core) TFL, but only local entries can be modified; the core’s entries must be modified using the console.
- Entries added to the remote/core TFL are added to the ActionHistory.xml file and sent to the core by vulscan.exe. The EPS client temporarily adds the entry to the remote.db file, until this file is overwritten by the updated core’s TFL.
- Double-clicking an entry in the list displays the permission details.

8 SP2 client changes – New UI: Trusted file list details
Purpose: Display and modify the permissions stored in the TFL.
Notes:
- Clicking Apply saves the permissions in the TFL (local only; the button is grayed out while displaying the remote/core TFL).

9 SP2 client changes – New UI: Detailed Activity
Purpose: Display the EPS events signaled by the EPS service.
Notes:
- Right-clicking an event displays a context menu with the following items:
  - Notify Violations: when unchecked, the EPS client won’t display a notification when the process raises a violation (the process will still be blocked as expected).
  - Learn globally: adds the required permissions to the core’s TFL, so the process won’t raise an alert next time (password required).
  - Learn locally: adds the required permissions to the local TFL, so the process won’t raise an alert next time (password required).
  - Request exception: sends a request to the administrator asking for this file to be added to the core’s TFL.

10 SP2 client changes – New UI: Configuration page
Purpose: Switch the EPS mode, globally or for each component.
Notes:
- The ON/OFF toggle button disables (and re-enables) all EPS components at once (password required).
- The drop-downs change the mode for each EPS component. Supported modes are Disabled, Learning, Logging and Blocking, except for Device Control, which only supports enabling/disabling (no logging or learning).

11 SP2 client changes – New UI: Advanced menu
- Install authorized program: installs the selected program (browse to select) with the “Authorized installer” permission, which means that:
  - The selected program won’t be blocked.
  - Its child processes won’t be blocked either.
  - Executable files created by this program or its child processes will be allowed to execute, and allowed to be added to the system startup.
- Help: displays the online help (requires an internet connection).
- About: displays the “About” dialog.

12 SP2 client changes – New UI: “Extended” menu
Opening the above drop-down menu while pressing LSHIFT+LCTRL shows some additional items:
- “Enable debug mode”: enables the EPS debug mode for full log generation. Once debug mode is enabled, clicking “Generate debug logs” in the drop-down menu creates a file named “eps-logs.zip” on the desktop. This file contains the information to send to support when there is an issue.
- “Activity log”: displays the client activity log. May be useful to diagnose an issue.

13 SP2 client changes – New UI: Removed items
Items that were in the old EPS UI but were dropped from the new UI:
- Activity log: not useful for end users; moved to the “extended” drop-down menu
- Options (read-only): this information was read-only and partial; not useful for end users
- Status screen:
  - BOP Status
- Programs:
  - Button to filter Windows processes
  - Network tab displaying programs using the network
- Protection: the whole screen was removed; this information was read-only and partial, not useful for end users

14 SP2 core changes: Exception requested by users

15 Thank You

