Windows & Interoperability: Avecto Privilege Guard Helps Corporations Lock Down and Simplify Windows Workstations

 
 
By Andrew Garcia  |  Posted 2011-01-28
 
 
 

Avecto Privilege Guard Helps Corporations Lock Down and Simplify Windows Workstations

by Andrew Garcia

Avecto Privilege Guard Helps Corporations Lock Down and Simplify Windows Workstations

New Application Groups

Administrators create Application Groups that include executables, applets, packages and scripts that require permission elevation to run or install successfully on the locked-down user's desktop.

New Application Groups

Privilege Escalation

After creating an Application Group, administrators apply messaging and choose the actions Privilege Guard should take.

Privilege Escalation

Assigning Policy

From the Group Policy or Local Policy editor, administrators can apply created application rules to appropriate users, groups or OUs.

Assigning Policy

Customizing Messaging

Administrators create a messaging object, replete with caption, header, body text and image. That object gets applied to application rules.

Customizing Messaging

Customized Message

The customized messaging seemed a little warped, as the logo was surprisingly oversized. Also, I found customized messaging sometimes greatly slowed the user experience.

Customized Message

Logged Escalation

The local Windows Event Viewer captures Privilege Guard actions. These events can be forwarded to a central repository via SOAP-based WINRM.

Logged Escalation

Privilege Backdoors

Privilege Guard can thwart some backdoor privilege escalation tricks. Here, I block escalation of access to Windows Explorer through an elevated application's File/Save dialog box.

Privilege Backdoors

Time Restrictions

Administrators can set time restriction enforcement policies, for instance to only allow privilege escalation during work hours.

Time Restrictions

Rocket Fuel