ILTA HANDS ON Securing Windows 7

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "ILTA HANDS ON Securing Windows 7"

Transcription

1 Securing Windows 7 8/23/2011

2 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding a user to the local administrators group... 6 Exercise 3. Setting up an administrative console... 6 Lab 2: User Account Control... 8 Exercise 1. Standard User Account Control... 8 Exercise 2. User Account Control Policy Settings... 9 Exercise 3. Administrator Access Protected Desktop Lab 3: File and Registry Virtualization Exercise 1. Demonstrate how file virtualization works Lab 4: Windows Firewall Exercise 1. Permitting applications through the firewall Exercise 2. Creating a new inbound firewall rule Lab 5: Creating Security Policies Exercise 1. Create a Group Policy Object to manage Security Exercise 2. Configure Default Firewall Policies Exercise 3. Configure Inbound Firewall Rules Exercise 4. Control Local User Accounts via Group Policy Preferences Exercise 5. Change the local administrator account password via Group Policy Preferences Exercise 6. Add a local administrator account for laptops only Lab 6: Configuring AppLocker Exercise 1. Configure AppLocker Rules Exercise 2. Configure AppLocker to enable auditing Exercise 3. Configure AppLocker to deny application access ILTA11 Securing Windows 7 Page 2

3 About this lab This Laboratory session is designed to familiarize with some of the security features of the Windows 7 operating system. We will take you typical administrative tasks of managing security of Windows 7, such as restricting application access, and managing local security groups. The first part of the lab will focus on understanding and configuring local security features. The second part will focus on deploying and managing those settings through Group Policy. This laboratory is targeted for the desktop administrator, and assumes that the participant has general experience with Windows 7, Active Directory, and Group Policy technologies. While relevant experience is helpful, it is not required to complete the lab exercises. ILTA11 Securing Windows 7 Page 3

4 About the Laboratory Environment You will be working in teams of two, sharing a workstation between members. The workstation has been configured with Windows 2008 R2 Hyper V in order to house the virtual computers required for this lab. We have configured two virtual machines as follows: SECW7 DC: A Windows 2008R2 Server, with Active Directory, DNS, and DHCP installed. SECW7 CLIENT: A Windows 7 SP1 x64 client, joined to our Active Directory domain. Both virtual machines have been setup in a the ILTA11.local domain and exist on the same network. Notes: You should use the IT.Manage account for the laboratory tasks, except where noted. Its password is Ilta11admin. The password for administrator is Two typical users have also been setup: Ken and Sally. Their passwords are Ilta11user DO NOT USE THE CTRL ALT DEL KEY SEQUENCE, AS IT WILL DISRUPT YOUR VIRTUAL SERVER SESSION. You should use the RIGHT ALT DEL key sequence instead. ILTA11 Securing Windows 7 Page 4

5 Lab 1: Restricting Users <One of the key foundations to desktop security is the principle of Least Privilege. In a Least Privilege environment, a user should only have the necessary rights to perform their business needs. All other privileges, such as installing software, making system wide settings, or accessing secure areas should be blocked. During a typical configuration of Windows 7, the default user is setup as a limited user, following the principle of least privilege.> < In this lab, we learn some of the security basics of account management. > Exercise 1. Verify the default rights of users <Like previous versions, Windows 7 relies on the NT File System to provide security at the folder and file level. Knowing basic folder security is crucial to troubleshooting and managing applications in a secure environment.> 1. Switch to the SECW7 CLIENT virtual machine, and press the CTRL ALT DEL button (upper left corner). Login as it.manage. The password is Ilta11admin. 2. Launch Windows Explorer. ( => Type explorer ) 3. Browse to Computer => C:\Program Files. Right click on the Program Files directory and choose Properties. 4. Select the Security tab. Note the default permissions for the folder. Click Users to see that users only have Read & execute, List folder contents and Read rights. 5. Click Advanced. More granular permissions are presented. Take note of permissions for TrustedInstaller and System by double clicking each name. They have full control, along with Administrators. TIP Introduced in Vista, the Trusted Installer service account is used by UAC to protect critical operating system files. As it is the owner of those critical files, it keeps applications (or users!) running as system or administrator from modifying operating system files. In some cases, only the Trusted Installer account has full access to files. 6. Select the Effective Permissions tab. Press Select. Type in Ken and choose Check Names. Press ok. Note the default permissions on the folder. Press ok twice. 7. Browse to C:\ProgramData. Right click on the directory. Choose Properties. ILTA11 Securing Windows 7 Page 5

6 TIP If you do not see C:\ProgramData, press the ALT key once while in Windows Explorer. Go to Tools => Folder Options. Select the View tab and make sure Show hidden files, folders and drives is selected. 8. Select the Security tab. Note the default permissions for the folder. Click Advanced. 9. Select the Effective Permissions tab. Press Select. Type in Ken and choose Check Names. Press ok. Note the default permissions on the folder. In the ProgramData folder, Ken can write and modify files, but not delete them. Press ok twice. Exercise 2. Adding a user to the local administrators group 1. Logged in as it.manage, go to and type users in the search programs and files dialog. Select Edit local users and groups. 2. Click Groups and double click Administrators. Note that the IT Computer Management group is a member. The it.manage user gets local administrative rights via this domain group. TIP Adding a domain group to the administrators group is a more effective way to manage local administrative permissions, as it is more easy to manage one group rather than many individual user accounts on each machine. 3. IMPORTANT: To demonstrate managing the administrator group via Group Policy preferences in a later exercise, add Sally to the administrators group on the computer. Click Add and type Sally in the Check Names dialog. Press Ok twice. Exercise 3. Setting up an administrative console <For administrative tasks, it is helpful to consolidate your management tools into one snap in, reducing the number of elevations you need to perform each day. you can then use Right click => Run as Administrator to run the console with the same administrative token> 1. Switch to a standard user. Go to => Shut Down => Switch user. 2. Login as Ken. The password is Ilta11user. 3. Go to => mmc. Select mmc.exe from the search results. 4. Click File => Add/Remove Snap in ILTA11 Securing Windows 7 Page 6

7 5. Choose Active Directory Users and Computers, Computer Management (select Local), Group Policy Management and Windows Firewall (Local) by clicking for each. 6. Your console will appear as below: 7. Go to File => Save As... Save the msc to the Desktop folder with name AdminTools. 8. Next, go to the Desktop. Right click on AdminTools and choose. 9. Enter administrative credentials at the UAC prompt. Press Enter. (it.manage Ilta11admin) 10. The console is now running as it.manage in Ken s login session. Let s confirm that. 11. Right click on the task bar and choose Start Task Manager. 12. Select the Process tab. Note that it lists mmc.exe running as it.manage. ILTA11 Securing Windows 7 Page 7

8 Lab 2: User Account Control <In this lab, we learn how user Account Control (UAC) works. UAC is not a prominent in Windows 7 as it was in Windows Vista.> Exercise 1. Standard User Account Control <Learn the different settings of UAC new to Windows 7. There is a user interface and a more granular policy interface for more detailed configuration.> 1. Be sure you are logged in as Ken on the SECW7 CLIENT VM. The password is Ilta11user. 2. Go to => type uac. Click Change User Account Control settings from the search results. 3. Enter administrative credentials at UAC prompt. (it.manage Ilta11admin). Note the dimming of the desktop. This is known as the Secure Desktop. 4. Move the slider to see each of the different levels of UAC. Note the granularity of settings compared to Vista below: Figure 1 Vista UAC Control Figure 2 Windows 7 UAC Control 5. Move the slider to see the available options. We recommend keeping on the highest setting. TIP The slider does not always represent the settings in group policy, so be sure to use a command like gpresult to determine effective UAC policy settings. ILTA11 Securing Windows 7 Page 8

9 Exercise 2. User Account Control Policy Settings <Through Local Security Policy, you can see the advanced customizations options available for UAC. Setting local policies is a great way to test and modify settings without affecting the whole user population.> 1. Logged in as Ken, go to => type local Select Local Security Policy. Press Enter. 2. Dismiss You do not have permission to perform this operation. dialog. Close Local Security Policy. 3. Go to => type local Right click on Local Security Policy. Choose Run as administrator 4. Enter administrative credentials. Press Enter. (it.manage Ilta11admin) 5. Expand Local Policies => Security Options. Scroll down to the bottom and review the UAC local policy options. 6. Note the terms used in the options. Review the terminology below to understand each option. Take special note of Virtualize file and registry write failures to per user locations and Run all Administrators in Admin Approval Mode Figure 3 UAC Local Policy Settings Prompt for Elevation When an administrative function is initiated, prompt appears to either elevate a user via consent or credentials in the form of a password or other authentication mechanism. This prompt changes depending on the publisher and certificate of the application. Secure Desktop The secure desktop is very similar to having to press CTRL > ALT > DEL at logon. It is an isolation environment where no script or application can run. The secure desktop dimming function is difficult for malware to reproduce. It can cause problems for remote tools, which the Only elevate UIAccess applications that are installed in secure locations policy addresses. Admin Approval Mode even when logged in as an administrator, AAM causes the administrator to run under a restricted user token and when necessary escalate to a higher privileged token via a UAC prompt. Virtualize file and registry This is a compatibility feature that allows incompatible 32 bit applications to run on Windows 7 without compromising file and registry integrity. ILTA11 Securing Windows 7 Page 9

10 Exercise 3. Administrator Access Protected Desktop <Even when running as administrator, UAC protects your machine from malicious code. UAC has improved as to not annoy the user, while maintaining the security of the computer.> 1. Logged in as Ken, browse to C:\Temp. Double click to run googleearthwin peruser.exe. 2. Follow the prompts to install Google Earth. Note there are no UAC prompts as this is a user only installation. Admin approval mode does not affect actions within the user context. Instead, refer to the User Account Control: Behavior of the elevation prompt for standard users. 3. Uncheck the boxes at the end of the dialog so as not to run Google Earth (although it may be tempting). 4. Go to => Shut Down => Switch user. Switch to the administrative user, it.manage (Ilta11admin). 5. Let s check the user token in Admin Access Mode. On the desktop, double click on the cmd (user) shortcut on the desktop. 6. Type whoami /all at the prompt and press Enter. 7. Scroll to the top of the command window. Note that although the it.manage is a member of the Administrators group of the machine, it is set to Deny only. Close the window. 8. On the desktop, double click on the cmd (admin) shortcut on the desktop. 9. Press Yes at the UAC prompt to elevate the token. 10. Type whoami /all at the prompt and press Enter. 11. Scroll to the top of the command window. Note that although the it.manage is a member of the Administrators group of the machine, it is set to Enabled group. Close the window. 12. Let s try to install an application as an administrator. Browse to C:\Temp. Double click to run googleearthwin peruser.exe. ILTA11 Securing Windows 7 Page 10

11 13. Note the UAC icon flashing the in the tray. Even though this is a user only installation, the UAC warning appears because Google is a non Microsoft publisher. (see Behavior of the elevation prompt in Admin Approval Mode) in Figure 3 above. 14. Follow the prompts to install Google Earth. Uncheck the boxes at the end of the dialog so as not to run Google Earth. Lab 3: File and Registry Virtualization <In this lab, we learn how File and Registry Virtualization works. File and registry virtualization is a feature of User Access Control (UAC) and helps with application compatibility for 32 bit applications.> Exercise 1. Demonstrate how file virtualization works 1. Logged in as it.manage, double click on the cmd (admin) shortcut on the desktop. Choose Yes to elevate credentials. 2. Double click on the cmd (user) shortcut on the desktop. Place them side by side on your screen. 3. On the cmd (admin) window type dir > diradmin.txt 4. On the cmd (user) window type dir > diruser.txt. You will get the message Access is denied 5. Right click on the task bar and choose Start Task Manager. 6. Select the Process tab. 7. Click the View menu item and choose Select Columns 8. Scroll down until you see User Account Control (UAC) Virtualization Check the box. Press Ok. ILTA11 Securing Windows 7 Page 11

12 9. On the task manager, select the the cmd process where UAC Virtualization is listed as Disabled. Right click and select UAC Virtualization. 10. Select Change Virtualization. It should now say Enabled. 11. Click on the cmd (user) window. Press the up arrow once to re display the command. Press Enter. 12. Note that the command now succeeds. 13. Switch to the cmd (admin) window. Type dir *.txt. Press Enter. 14. Note the diruser.txt file does not exist, but the diradmin.txt file does. 15. Go to and click on the username of the logged in user. 16. Browse to AppData > Local > Virtual Store > Windows > System Note the diruser.txt file in the directory. TIP Beware of changing settings manually in applications where file and registry virtualization are in effect. If you change settings in the original destination location (e.g. the Program Files directory) the settings you pushed via Group Policy Preferences will be overridden by those in the Virtual Store. ILTA11 Securing Windows 7 Page 12

13 Lab 4: Windows Firewall In this lab, we discover how to manage the built in Windows Firewall. Exercise 1. Permitting applications through the firewall <In Lab 2 Exercise 3, we installed Google Earth. Although it installed, we need to create an application rule to allow it to pass through the Windows Firewall.> 1. Go to => Shut Down => Switch user. Log in as Ken on the ILTA11 SECW7 CLIENT, double click Google Earth on the desktop. 2. Google Earth will take a few seconds to launch. You will get the pop up below: 3. Click Allow Access and enter administrative credentials. (it.manage Ilta11admin). Click ok. 4. You will get several warnings about Google Earth not being able to contact servers. Dismiss each dialog. Choose Exit, then ok. 5. Go to Start => type firewall. Select Allow a program through Windows Firewall. Note that googleearth.exe is now listed. 6. Select ILTA11 Securing Windows 7 Page 13

14 7. Enter administrative credentials. (it.manage Ilta11admin). Click ok. 8. Check the two boxes to allow Home/Work (Private) and Public networks. 9. Click ok. TIP: Referring to the local Windows Firewall exclusions can be helpful when populating firewall exclusions for Group Policy. Exercise 2. Creating a new inbound firewall rule <It is impossible to manage Windows 7 clients without opening some administrative tasks in the inbound firewall.> 1. Login to SECW7 DC as administrator 2. Go to Start > type services.msc Press Enter. 3. Right click on Services(Local) and choose Connect to another computer 4. Type SECW7 CLIENT and choose ok. 5. Wait a few seconds. Note the Error 1722: The RPC server is unavailable. Click ok. 6. Switch to the SECW7 CLIENT VM. 7. Go to Start => type Firewall. 8. Click on Windows Firewall. (Note the separate networks available to the firewall. ) 9. Click on Allow programs to communicate through Windows Firewall (Note the pre configured rules available to setup. ) 10. Select 11. Enter administrative credentials. (it.manage Ilta11admin). Click ok. 12. Put a check box in Remote Service Management. Click on Details to find out a more specific description. Click OK. 13. Switch back to SECW7 DC. Attempt to connect to services on SECW7 CLIENT again using steps 1 4) ILTA11 Securing Windows 7 Page 14

15 Lab 5: Creating Security Policies In this lab, we learn how to manage the Windows Firewall using Group Policy. Exercise 1. Create a Group Policy Object to manage Security <The first thing we have to do is create a policy object. This is a necessary first step so that we can link all of the policies we create today back to the policy object and apply them to our domain based workstation.> 1. Focus on the DC virtual machine, and login as the administrator account. The password for the account is 2. Launch the Group Policy Management Console by double clicking the icon on the desktop. 3. Expand the Ilta11.local forest, and navigate to Domains => ilta11.local => WIN7. 4. Right click the WIN7 OU, and click Create a GPO in this domain, and Link it here Name the GPO Win7 Security Settings, and click OK. We will primarily be using this group policy object to configure our security settings. Exercise 2. Configure Default Firewall Policies <Windows Firewall is software built into the Windows OS that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings.> <Note that the Win7 Firewall has a Domain Profile, a Private Profile, and a Public Profile> 1. Right click the GPO you just created and choose Edit. 2. Navigate to Computer Configuration => Policies=> Windows Settings => Security Settings => Windows Firewall with Advanced Security. Click on the Windows Firewall with Advanced Security icon to see Overview: ILTA11 Securing Windows 7 Page 15

16 The Overview gives you summary information on how the policy will configure the Windows 7 Firewall. At this time, it is unconfigured. 3. The first thing we are going to do configure the Firewall state. To do so, click the Windows Firewall Properties link. 4. For most environments, it is recommended to enable the Windows Firewall to block inbound connections for the Domain, Private, and Public networks. Do so by clicking on the Domain Profile tab, and change the Firewall state to On (recommended). For Inbound connections, change it to Block (default). Leave the Outbound connections as Not Configured. Repeat these same changes to the Private Profile and Public Profile tabs. ILTA11 Securing Windows 7 Page 16

17 5. Click the OK button to apply the changes: 6. To check the status of the policy, switch to the Windows 7 client and reboot it. Once prompted, login as IT.Manage, and navigate to Start => Control Panel => System and Security, and click the Windows Firewall link. Note the following message: 7. We can also verify that the firewall is operational. Switch to the Domain Controller, and try to ping the Windows 7 workstation. Open a command prompt, and type ping secw7 client. Note that the requests time out. Exercise 3. Configure Inbound Firewall Rules <We now want to allow some inbound rules to allow management of our workstation> <Note that the Win7 Firewall has a Domain Profile, a Private Profile, and a Public Profile> 1. From the Domain Controller, go back to the Win7 Security Settings policy, and navigate to the Windows Firewall with Advanced Security node. 2. Right click the Inbound Rules, and click New Rule. Click the Custom option, and then click Next. Leave the default All programs option on, and click Next. 3. For the Protocol and Ports screen, change the Protocol type to ICMPv4: ILTA11 Securing Windows 7 Page 17

18 Click Next. 4. Leave the local and remote IP addresses as default, and click Next. 5. Leave the option of Allow the connection selected, and click Next. 6. Apply this rule to all three profiles by making sure Domain, Private, and Public are checked. Click Next. 7. Name the Rule Allow Ping, and click Finish. 8. Let s create one more inbound rule that allows us management of the client. Click the Inbound Rules, and click New Rule. Click the Predefined option, and select Remote Administration from the drop down dialog. Click Next when finished. Click Next, Next, and Finish past the remaining dialogs. 9. We are now ready to test our Firewall updates. From the domain controller, launch Computer Management by clicking Start => All Programs => Administrative Tools => Computer ILTA11 Securing Windows 7 Page 18

19 Management. Connect to the client workstation by clicking Action => Connect to another computer, typing in secw7 client, and click OK. 10. The connection should fail as our client workstation has not received our latest updates in our firewall policy. To force our clients to receive the updates, you can wait past the default policy refresh interval, force a policy refresh on the client, or simply reboot the client. Let s force a policy refresh by switching to our Win7 client workstation, opening up a command prompt, and typing gpupdate /force. 11. Once the update is complete, switch back to the DC, and reconnect to the secw7 client in computer manager. It should now work correctly. You can also attempt to ping the workstation as you did in the last step of the previous exercise. It should also now be functional. You now have configured your firewall policy so that your Windows 7 clients will have the firewall enabled to block inbound connections, but ping traffic and remote administration will be allowed. Exercise 4. Control Local User Accounts via Group Policy Preferences <One of our users, Sally, happens to be a local administrator of her workstation. Because she is a local administrator, she has the ability to install unauthorized software, and potentially introduce malicious programs to the firm environment. In this lab, we will remove Sally from the local administrator s group.> 1. Flip to the domain controller. If you have completed the previous exercise, you should have Computer Manager open and connected to the secw7 client workstation. Navigate to System Tools => Local Users and Groups => Groups, and double click the Administrators group. You should see Sally as a member. 2. To remove her, we will create a Group Policy Preference. On our Domain Controller, launch the Group Policy Management Console from the desktop, if it is not already opened. 3. Navigate to our Win7 Security Settings policy by drilling down to the Win7 OU in our domain. Once you find the policy, right click it, and choose Edit. 4. When the policy opens, go to Computer Configuration => Preferences => Control Panel Settings => Local Users and Groups. Click Action => New => Local Group. ILTA11 Securing Windows 7 Page 19

20 5. For the group name, type in Administrators. Then click the Add button on the bottom of the dialog box. In the Local Group Member box, browse for the account by clicking the Ellipses, and typing in Sally, and clicking OK. Once the account is added, choose the Remove from this group option, and click OK. 6. Click the OK button to complete the preference change. Our new group policy preference will now update the local administrator group, and remove Sally from it. Perform a GPUpdate on our client computer (or reboot it), and then reconnect to it using computer management. You should now see that she is no longer an administrator. Exercise 5. Change the local administrator account password via Group Policy Preferences Even though we ve removed Sally from the local administrator s group, she somehow knows what the local administrator account password is! In this exercise, we will change this password. 1. Go back to our Win7 Security Settings policy, and navigate to the Local Users and Groups section (Computer Configuration => Preferences => Control Panel Settings => Local Users and Groups). Click Action => New => Local User. 2. From the dialog, type administrator for the user name, and change the password and confirmation password to sorrysally. Uncheck the User must change password option. ILTA11 Securing Windows 7 Page 20

21 3. Click OK when finished. Exercise 6. Add a local administrator account for laptops only Our laptop users sometime run into situations where they need administrative rights when they are on the road, disconnected from the domain. One way to permit these installations is to create a local account that has administrative credentials. 1. Go back to our Win7 Security Settings policy, and navigate to the Local Users and Groups section (Computer Configuration => Preferences => Control Panel Settings => Local Users and Groups). Click Action => New => Local User. 2. From the dialog, type Laptopadmin for the user name, and change the password and confirmation password to laptoppassword. Uncheck the User must change password option. Do NOT click OK yet. 3. We only want our laptops to get this user account, so we will need to apply filtering to our group policy preference. Click the common tab, and choose the Item Level targeting option. Click the Targeting button. 4. Click the New button, and notice all of the various options that can be used as criteria for filtering. In our case, we will choose Portable Computer to indicate laptops. Check off all of the subsequent options, and click OK. Click OK once again to complete our policy. ILTA11 Securing Windows 7 Page 21

22 5. We now need to add the laptopadmin user into our local administrators group. To do so, create another GPP under local users and groups by clicking Action => New => Local Group. 6. For the group name, type in Administrators. Then click the Add button on the bottom of the dialog box. Type in laptopadmin in the Name box, and choose the Add to this Group option. Click OK. 7. Click the common tab, and add a filter to the GPP as you did in steps 3 and 4 of this exercise. 8. Finally, we need to order our GPPs so that our user is created before it is added to the administrators group. Just make sure the laptopadmin order is numerically below the administrators group change, as in the following screenshot: Lab 6: Configuring AppLocker <AppLocker is a new feature in Windows 7 and Windows Server 2008 R2 that allows you to specify which users or groups can run particular applications in your organization based on unique identities of files. If you use AppLocker, you can create rules to allow or deny applications from running.> Exercise 1. Configure AppLocker Rules Applocker works with the principle of least privilege, meaning that applications, installations, and scripts are denied access if no rules are configured. The first step to configuring AppLocker is to setup default rules for our clients. 1. Go back to our Win7 Security Settings Policy in Group Policy Management Console. Navigate to Computer Configuration => Policies => Windows Settings => Security Settings => Application Control Policies => Applocker. Notice that there are no configured rules in the overview. 2. Drill down to Executable Rules. Click Action => Create Default Rules. This will create default Applocker rules that allow everyone to launch applications in the Program Files, and Windows directory. It also allows local administrators to launch all applications. ILTA11 Securing Windows 7 Page 22

23 3. In a similar fashion, create the default rules under the Windows Installer Rules and Script Rules nodes. 4. After the default rules have been configured, we will create an executable rule that denies access to running Google Earth. To do so, right click on the Executable Rules node, and click Create New Rule 5. Click Next, and then change the action to Deny. Click Next. Change the primary condition to Path, and click Next. For the Path, type in *googleearth.exe and click Next. Click Next to skip adding publisher exceptions, and finally click Create to create the rule. You have now created a rule that will deny the googleearth application from running. Exercise 2. Configure AppLocker to enable auditing One great feature of Applocker is the ability to run audit mode. When audit mode is enabled, Applocker will review applications that are executed on the machine, but will not deny application execution. It will log these events for further review. 1. Go back to the Applocker section of our policy until the overview appears. Click the Configure Rule Enforcement link. For executable rules click the Configured option, and then select Audit only from the drop down list. Click OK when finished. 2. Out Win7 Security Settings policy should now be configured with AppLocker in audit mode. To our setting, flip to our client workstation, and reboot the client to apply the policy. Login as the user Ken with a password of Ilta11user. 3. Launch the Event Viewer by searching for it in the search bar. Click => type event Select Event Viewer. Once launched, navigate to Application and Services => Microsoft => Windows => AppLocker => EXE and DLL. This is where applocker writes events related to executable activity on the workstation. Note that Windows process executions are now being recorded. 4. Keep the Event viewer open, but launch Adobe Reader from the desktop. Go back to the event viewer, and push F5 to refresh the events. Note that Applocker auditing recorded that GoogleEarth.exe was allowed to run. 5. Now launch Google Earth, and refresh the event viewer. You should see an AppLocker event telling you that Google Earth would be denied. ILTA11 Securing Windows 7 Page 23

24 Exercise 3. Configure AppLocker to deny application access 1. Flip back to the Domain Controller, and go back to our Win7 Security Policy in Group Policy Management. Navigate to the AppLocker policy. 2. Click the Configure Rule Enforcement link, and change the executables rules dropdown to Enforce Rules. Click OK when finished. 3. Flip to the client, and reboot it again to get the new security changes. Login as Ken, and test launching Google Earth. It should be denied. ILTA11 Securing Windows 7 Page 24

ILTA 2013 - HAND 6B. Upgrading and Deploying. Windows Server 2012. In the Legal Environment

ILTA 2013 - HAND 6B. Upgrading and Deploying. Windows Server 2012. In the Legal Environment ILTA 2013 - HAND 6B Upgrading and Deploying Windows Server 2012 In the Legal Environment Table of Contents Purpose of This Lab... 3 Lab Environment... 3 Presenter... 3 Exercise 1 Add Roles and Features...

More information

ACTIVE DIRECTORY DEPLOYMENT

ACTIVE DIRECTORY DEPLOYMENT ACTIVE DIRECTORY DEPLOYMENT CASAS Technical Support 800.255.1036 2009 Comprehensive Adult Student Assessment Systems. All rights reserved. Version 031809 CONTENTS 1. INTRODUCTION... 1 1.1 LAN PREREQUISITES...

More information

Advanced Event Viewer Manual

Advanced Event Viewer Manual Advanced Event Viewer Manual Document version: 2.2944.01 Download Advanced Event Viewer at: http://www.advancedeventviewer.com Page 1 Introduction Advanced Event Viewer is an award winning application

More information

NSi Mobile Installation Guide. Version 6.2

NSi Mobile Installation Guide. Version 6.2 NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...

More information

IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection

IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection Description Lab flow At the end of this lab, you should be able to Discover how to harness the power and capabilities

More information

User Guide. Version 3.2. Copyright 2002-2009 Snow Software AB. All rights reserved.

User Guide. Version 3.2. Copyright 2002-2009 Snow Software AB. All rights reserved. Version 3.2 User Guide Copyright 2002-2009 Snow Software AB. All rights reserved. This manual and computer program is protected by copyright law and international treaties. Unauthorized reproduction or

More information

Installation Notes for Outpost Network Security (ONS) version 3.2

Installation Notes for Outpost Network Security (ONS) version 3.2 Outpost Network Security Installation Notes version 3.2 Page 1 Installation Notes for Outpost Network Security (ONS) version 3.2 Contents Installation Notes for Outpost Network Security (ONS) version 3.2...

More information

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users SyAM Management Utilities and Non-Admin Domain Users Some features of SyAM Management Utilities, including Client Deployment and Third Party Software Deployment, require authentication credentials with

More information

Desktop Surveillance Help

Desktop Surveillance Help Desktop Surveillance Help Table of Contents About... 9 What s New... 10 System Requirements... 11 Updating from Desktop Surveillance 2.6 to Desktop Surveillance 3.2... 13 Program Structure... 14 Getting

More information

TrueEdit Remote Connection Brief

TrueEdit Remote Connection Brief MicroPress Server Configuration Guide for Remote Applications Date Issued: February 3, 2009 Document Number: 45082597 TrueEdit Remote Connection Brief Background TrueEdit Remote (TER) is actually the same

More information

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft.

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft. . All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft.com Copyright and Trademarks Specops Deploy is a trademark owned by Specops Software. All

More information

523 Non-ThinManager Components

523 Non-ThinManager Components 28 Non-ThinManager Components Microsoft Terminal Servers play an important role in the ThinManager system. It is recommended that you become familiar with the documentation provided by Microsoft about

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

2. Using Notepad, create a file called c:\demote.txt containing the following information:

2. Using Notepad, create a file called c:\demote.txt containing the following information: Unit 4 Additional Projects Configuring the Local Computer Policy You need to prepare your test lab for your upcoming experiments. First, remove a child domain that you have configured. Then, configure

More information

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to Email or Network Folder

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to Email or Network Folder Setting up Sharp MX-Color Imagers for Inbound Fax Routing to Email or Network Folder MX-2300, MX-2600, MX-2700, MX-3100, MX-3501, MX-4501, MX-5500, MX-6200, MX-6201, MX-7000, MX-7001, *MX-M850, *MX-M950,

More information

LifeCyclePlus Version 1

LifeCyclePlus Version 1 LifeCyclePlus Version 1 Last updated: 2014-04-25 Information in this document is subject to change without notice. Companies, names and data used in examples herein are fictitious unless otherwise noted.

More information

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE Copyright 1998-2013 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form or by any means

More information

Velocity Web Services Client 1.0 Installation Guide and Release Notes

Velocity Web Services Client 1.0 Installation Guide and Release Notes Velocity Web Services Client 1.0 Installation Guide and Release Notes Copyright 2014-2015, Identiv. Last updated June 24, 2015. Overview This document provides the only information about version 1.0 of

More information

Nexio Connectus with Nexio G-Scribe

Nexio Connectus with Nexio G-Scribe Nexio Connectus with Nexio G-Scribe 2.1.2 3/20/2014 Edition: A 2.1.2 Publication Information 2014 Imagine Communications. Proprietary and Confidential. Imagine Communications considers this document and

More information

Outpost Network Security

Outpost Network Security Administrator Guide Reference Outpost Network Security Office Firewall Software from Agnitum Abstract This document provides information on deploying Outpost Network Security in a corporate network. It

More information

Pearl Echo Installation Checklist

Pearl Echo Installation Checklist Pearl Echo Installation Checklist Use this checklist to enter critical installation and setup information that will be required to install Pearl Echo in your network. For detailed deployment instructions

More information

Installation Guide for Pulse on Windows Server 2008R2

Installation Guide for Pulse on Windows Server 2008R2 MadCap Software Installation Guide for Pulse on Windows Server 2008R2 Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software

More information

a) Network connection problems (check these for existing installations)

a) Network connection problems (check these for existing installations) How do I resolve issues with a Client not connecting to the Best Practice server instance? This FAQ is intended to answer common questions about resolving issues with a Best Practice client not connecting

More information

Migrating TimeForce To A New Server

Migrating TimeForce To A New Server Rev. 4/28/14 Migrating TimeForce To A New Server Table of Contents 1. Installation Prerequisites... 2 Required... 2 Recommended... 3 2. Update to a Migration Compatible Version... 3 Determine the Database

More information

Virtual CD v10. Network Management Server Manual. H+H Software GmbH

Virtual CD v10. Network Management Server Manual. H+H Software GmbH Virtual CD v10 Network Management Server Manual H+H Software GmbH Table of Contents Table of Contents Introduction 1 Legal Notices... 2 What Virtual CD NMS can do for you... 3 New Features in Virtual

More information

Setting up Hyper-V for 2X VirtualDesktopServer Manual

Setting up Hyper-V for 2X VirtualDesktopServer Manual Setting up Hyper-V for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples herein

More information

How to Configure Terminal Services for Pro-Watch in Remote Administration Mode (Windows 2000)

How to Configure Terminal Services for Pro-Watch in Remote Administration Mode (Windows 2000) How to Configure Terminal Services for Pro-Watch in Remote Administration Mode (Windows 2000) This instruction guide describes how to configure Terminal Services in Windows 2000 Server for Remote Administration

More information

Group Policy 21/05/2013

Group Policy 21/05/2013 Group Policy Group Policy is not a new technology for Active Directory, but it has grown and improved with every iteration of the operating system and service pack since it was first introduced in Windows

More information

Alarm Client. Installation and User Guide. NEC NEC Infrontia Corporation. July 2008 NDA-30364, Revision 8

Alarm Client. Installation and User Guide. NEC NEC Infrontia Corporation. July 2008 NDA-30364, Revision 8 Alarm Client Installation and User Guide NEC NEC Infrontia Corporation July 2008 NDA-30364, Revision 8 Liability Disclaimer NEC Infrontia Corporation reserves the right to change the specifications, functions,

More information

Windows and MAC User Handbook Remote and Secure Connection Version 1.01 09/19/2013. User Handbook

Windows and MAC User Handbook Remote and Secure Connection Version 1.01 09/19/2013. User Handbook Windows and MAC User Handbook How to Connect Your PC or MAC Remotely and Securely to Your U.S. Department of Commerce Account Developed for You by the Office of IT Services (OITS)/IT Service Desk *** For

More information

HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION

HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION Version 1.1 / Last updated November 2012 INTRODUCTION The Cloud Link for Windows client software is packaged as an MSI (Microsoft Installer)

More information

Windows Server 2008 R2 Initial Configuration Tasks

Windows Server 2008 R2 Initial Configuration Tasks Windows Server 2008 R2 Initial Configuration Tasks I am not responsible for your actions or their outcomes, in any way, while reading and/or implementing this tutorial. I will not provide support for the

More information

Quick Start Guide for Parallels Virtuozzo

Quick Start Guide for Parallels Virtuozzo PROPALMS VDI Version 2.1 Quick Start Guide for Parallels Virtuozzo Rev. 1.1 Published: JULY-2011 1999-2011 Propalms Ltd. All rights reserved. The information contained in this document represents the current

More information

4cast Client Specification and Installation

4cast Client Specification and Installation 4cast Client Specification and Installation Version 2015.00 10 November 2014 Innovative Solutions for Education Management www.drakelane.co.uk System requirements The client requires Administrative rights

More information

CONNECT-TO-CHOP USER GUIDE

CONNECT-TO-CHOP USER GUIDE CONNECT-TO-CHOP USER GUIDE VERSION V8 Table of Contents 1 Overview... 3 2 Requirements... 3 2.1 Security... 3 2.2 Computer... 3 2.3 Application... 3 2.3.1 Web Browser... 3 2.3.2 Prerequisites... 3 3 Logon...

More information

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Sharp Remote Device Manager (SRDM) Server Software Setup Guide Sharp Remote Device Manager (SRDM) Server Software Setup Guide This Guide explains how to install the software which is required in order to use Sharp Remote Device Manager (SRDM). SRDM is a web-based

More information

webkpi SaaS ETL Connector Installation & Configuration Guide

webkpi SaaS ETL Connector Installation & Configuration Guide webkpi SaaS ETL Connector Installation & Configuration Guide SaaS ETL Version 2.5.0.12 Version 1.6 September 2013 webkpi SaaS ETL Connector Version 2.5.0.12 V 1.6 Page 1 Table of Contents Table of Contents

More information

Direct Storage Access Using NetApp SnapDrive. Installation & Administration Guide

Direct Storage Access Using NetApp SnapDrive. Installation & Administration Guide Direct Storage Access Using NetApp SnapDrive Installation & Administration Guide SnapDrive overview... 3 What SnapDrive does... 3 What SnapDrive does not do... 3 Recommendations for using SnapDrive...

More information

DriveLock Quick Start Guide

DriveLock Quick Start Guide Be secure in less than 4 hours CenterTools Software GmbH 2012 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise

More information

Non-ThinManager Components

Non-ThinManager Components Non-ThinManager Components Microsoft Terminal Servers play an important role in the ThinManager system. It is recommended that you become familiar with the documentation provided by Microsoft about their

More information

enicq 5 System Administrator s Guide

enicq 5 System Administrator s Guide Vermont Oxford Network enicq 5 Documentation enicq 5 System Administrator s Guide Release 2.0 Published November 2014 2014 Vermont Oxford Network. All Rights Reserved. enicq 5 System Administrator s Guide

More information

Test Case 3 Active Directory Integration

Test Case 3 Active Directory Integration April 12, 2010 Author: Audience: Joe Lowry and SWAT Team Evaluator Test Case 3 Active Directory Integration The following steps will guide you through the process of directory integration. The goal of

More information

NetWrix USB Blocker. Version 3.6 Administrator Guide

NetWrix USB Blocker. Version 3.6 Administrator Guide NetWrix USB Blocker Version 3.6 Administrator Guide Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Operation Guide...5 3.1.

More information

SafeWord Domain Login Agent Step-by-Step Guide

SafeWord Domain Login Agent Step-by-Step Guide SafeWord Domain Login Agent Step-by-Step Guide Author Johan Loos Date January 2009 Version 1.0 Contact johan@accessdenied.be Table of Contents Table of Contents... 2 Why SafeWord Agent for Windows Domains?...

More information

WA1826 Designing Cloud Computing Solutions. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1

WA1826 Designing Cloud Computing Solutions. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1 WA1826 Designing Cloud Computing Solutions Classroom Setup Guide Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1 Table of Contents Part 1 - Minimum Hardware Requirements...3 Part 2 - Minimum

More information

Quick Start Guide for VMware and Windows 7

Quick Start Guide for VMware and Windows 7 PROPALMS VDI Version 2.1 Quick Start Guide for VMware and Windows 7 Rev. 1.1 Published: JULY-2011 1999-2011 Propalms Ltd. All rights reserved. The information contained in this document represents the

More information

Installation Guide for Pulse on Windows Server 2012

Installation Guide for Pulse on Windows Server 2012 MadCap Software Installation Guide for Pulse on Windows Server 2012 Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software

More information

Installing and Configuring Login PI

Installing and Configuring Login PI Installing and Configuring Login PI Login PI Hands-on lab In this lab, you will configure Login PI to provide performance insights for a Windows Server 2012 R2 Remote Desktop Services installation. To

More information

ENABLE LOGON/LOGOFF AUDITING

ENABLE LOGON/LOGOFF AUDITING Lepide Software LepideAuditor Suite ENABLE LOGON/LOGOFF AUDITING This document explains the steps required to enable the auditing of logon and logoff events for a domain. Table of Contents 1. Introduction...

More information

XStream Remote Control: Configuring DCOM Connectivity

XStream Remote Control: Configuring DCOM Connectivity XStream Remote Control: Configuring DCOM Connectivity APPLICATION BRIEF March 2009 Summary The application running the graphical user interface of LeCroy Windows-based oscilloscopes is a COM Automation

More information

Network Connect Installation and Usage Guide

Network Connect Installation and Usage Guide Network Connect Installation and Usage Guide I. Installing the Network Connect Client..2 II. Launching Network Connect from the Desktop.. 9 III. Launching Network Connect Pre-Windows Login 11 IV. Installing

More information

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V Connection Broker Managing User Connections to Workstations, Blades, VDI, and More Quick Start with Microsoft Hyper-V Version 8.1 October 21, 2015 Contacting Leostream Leostream Corporation http://www.leostream.com

More information

Alpha High Level Description

Alpha High Level Description Alpha High Level Description Alpha is a Windows Domain Controller (DC) and Domain Name System (DNS) Server. Because Alpha was the first DC in the aia.class domain, it is also (by default) the Windows global

More information

Hosting Users Guide 2011

Hosting Users Guide 2011 Hosting Users Guide 2011 eofficemgr technology support for small business Celebrating a decade of providing innovative cloud computing services to small business. Table of Contents Overview... 3 Configure

More information

Ekran System Help File

Ekran System Help File Ekran System Help File Table of Contents About... 9 What s New... 10 System Requirements... 11 Updating Ekran to version 4.1... 13 Program Structure... 14 Getting Started... 15 Deployment Process... 15

More information

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Setting up VMware ESXi for 2X VirtualDesktopServer Manual Setting up VMware ESXi for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples

More information

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION Contents 1. Getting Started... 4 1.1 Specops Deploy Supported Configurations... 4 2. Specops Deploy and Active Directory...5 3. Specops Deploy

More information

Setting up Hyper-V for 2X VirtualDesktopServer Manual

Setting up Hyper-V for 2X VirtualDesktopServer Manual Setting up Hyper-V for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples

More information

IIS, FTP Server and Windows

IIS, FTP Server and Windows IIS, FTP Server and Windows The Objective: To setup, configure and test FTP server. Requirement: Any version of the Windows 2000 Server. FTP Windows s component. Internet Information Services, IIS. Steps:

More information

CTERA Agent for Windows

CTERA Agent for Windows User Guide CTERA Agent for Windows May 2012 Version 3.1 Copyright 2009-2012 CTERA Networks Ltd. All rights reserved. No part of this document may be reproduced in any form or by any means without written

More information

Basic Setup Guide. Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition

Basic Setup Guide. Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition Basic Setup Guide Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition Contents Getting started...1 Software components...1 Section 1: Purchasing and downloading

More information

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099 Introduction EASYLABEL 6 has several new features for saving the history of label formats. This history can include information about when label formats were edited and printed. In order to save this history,

More information

Device LinkUP + Desktop LP Guide RDP

Device LinkUP + Desktop LP Guide RDP Device LinkUP + Desktop LP Guide RDP Version 2.1 January 2016 Copyright 2015 iwebgate. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval

More information

WhatsUp Gold v16.1 Installation and Configuration Guide

WhatsUp Gold v16.1 Installation and Configuration Guide WhatsUp Gold v16.1 Installation and Configuration Guide Contents Installing and Configuring Ipswitch WhatsUp Gold v16.1 using WhatsUp Setup Installing WhatsUp Gold using WhatsUp Setup... 1 Security guidelines

More information

Quickstart Guide. First Edition, Published September 2009. Remote Administrator / NOD32 Antivirus 4 Business Edition

Quickstart Guide. First Edition, Published September 2009. Remote Administrator / NOD32 Antivirus 4 Business Edition Quickstart Guide First Edition, Published September 2009 Remote Administrator / NOD32 Antivirus 4 Business Edition Contents Getting started...1 Software components...1 Section 1: Purchasing and downloading

More information

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM)

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and

More information

XF Extracellular Flux Analyzer. Installation and Troubleshooting Guide

XF Extracellular Flux Analyzer. Installation and Troubleshooting Guide Installation and Troubleshooting Guide February 24, 2014 2 TABLE OF CONTENTS XF Client System and File Requirements 4 Frequently Asked Questions. 4 Installation.. 5 Installing XF Software.. 5 Resolving

More information

Creating client-server setup with multiple clients

Creating client-server setup with multiple clients Creating client-server setup with multiple clients Coffalyser.Net uses a SQL client server database model to store all project/experiment- related data. The client-server model has one main application

More information

Integrating LANGuardian with Active Directory

Integrating LANGuardian with Active Directory Integrating LANGuardian with Active Directory 01 February 2012 This document describes how to integrate LANGuardian with Microsoft Windows Server and Active Directory. Overview With the optional Identity

More information

Freshservice Discovery Probe User Guide

Freshservice Discovery Probe User Guide Freshservice Discovery Probe User Guide 1. What is Freshservice Discovery Probe? 1.1 What details does Probe fetch? 1.2 How does Probe fetch the information? 2. What are the minimum system requirements

More information

LepideAuditor Suite for File Server. Installation and Configuration Guide

LepideAuditor Suite for File Server. Installation and Configuration Guide LepideAuditor Suite for File Server Installation and Configuration Guide Table of Contents 1. Introduction... 4 2. Requirements and Prerequisites... 4 2.1 Basic System Requirements... 4 2.2 Supported Servers

More information

Setting Up Scan to SMB on TaskALFA series MFP s.

Setting Up Scan to SMB on TaskALFA series MFP s. Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and

More information

User Guide. CTERA Agent. August 2011 Version 3.0

User Guide. CTERA Agent. August 2011 Version 3.0 User Guide CTERA Agent August 2011 Version 3.0 Copyright 2009-2011 CTERA Networks Ltd. All rights reserved. No part of this document may be reproduced in any form or by any means without written permission

More information

Management Utilities Configuration for UAC Environments

Management Utilities Configuration for UAC Environments Management Utilities Configuration for UAC Environments For optimal use of SyAM Management Utilities, Windows client machines should be configured with User Account Control disabled or set to the least

More information

Deploying System Center 2012 R2 Configuration Manager

Deploying System Center 2012 R2 Configuration Manager Deploying System Center 2012 R2 Configuration Manager This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

More information

Getting Started with Vision 6

Getting Started with Vision 6 Getting Started with Vision 6 Version 6.9 Notice Copyright 1981-2009 Netop Business Solutions A/S. All Rights Reserved. Portions used under license from third parties. Please send any comments to: Netop

More information

XenDesktop Implementation Guide

XenDesktop Implementation Guide Consulting Solutions WHITE PAPER Citrix XenDesktop XenDesktop Implementation Guide Pooled Desktops (Local and Remote) www.citrix.com Contents Contents... 2 Overview... 4 Initial Architecture... 5 Installation

More information

SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE

SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE Copyright 1998-2015 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any

More information

Installation Instruction STATISTICA Enterprise Server

Installation Instruction STATISTICA Enterprise Server Installation Instruction STATISTICA Enterprise Server Notes: ❶ The installation of STATISTICA Enterprise Server entails two parts: a) a server installation, and b) workstation installations on each of

More information

For Active Directory Installation Guide

For Active Directory Installation Guide For Active Directory Installation Guide Version 2.5.2 April 2010 Copyright 2010 Legal Notices makes no representations or warranties with respect to the contents or use of this documentation, and specifically

More information

Managing Windows Vista and Windows Server Longhorn Network Bandwidth with Policy-Based Quality of Service

Managing Windows Vista and Windows Server Longhorn Network Bandwidth with Policy-Based Quality of Service Bandwidth with Policy-Based Quality of Service Page 1 of 11 Managing Windows Vista and Windows Server Longhorn Network Bandwidth with Policy-Based Quality of Service Abstract Policy-based Quality of Service

More information

HDA Integration Guide. Help Desk Authority 9.0

HDA Integration Guide. Help Desk Authority 9.0 HDA Integration Guide Help Desk Authority 9.0 2011ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic, the ScriptLogic logo and Point,Click,Done! are trademarks and registered trademarks of ScriptLogic

More information

OrgPublisher EChart Server Setup Guide

OrgPublisher EChart Server Setup Guide Table of Contents Table of Contents Introduction... 3 Role Requirements for Installation... 3 Prerequisites for Installation... 3 About OrgPublisher ECharts... 3 About EChart Rich Client Publishing...

More information

Server Installation: ServerTools

Server Installation: ServerTools Server Installation: ServerTools ServerTools Page 1 Table of Contents To Install ServerTools...3 Backup and Restore...6 Purpose...6 Background...6 Requirements...6 Creating a Backup Schedule using the

More information

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7 Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7 Description This hands-on lab session covers the hard drive encryption technologies from PGP. Students will administer a typical Whole Disk Encryption

More information

Active Directory Integration

Active Directory Integration January 11, 2011 Author: Audience: SWAT Team Evaluator Product: Cymphonix Network Composer EX Series, XLi OS version 9 Active Directory Integration The following steps will guide you through the process

More information

Verizon Remote Access User Guide

Verizon Remote Access User Guide Version 17.12 Last Updated: August 2012 2012 Verizon. All Rights Reserved. The Verizon names and logos and all other names, logos, and slogans identifying Verizon s products and services are trademarks

More information

Lab 1: Windows Azure Virtual Machines

Lab 1: Windows Azure Virtual Machines Lab 1: Windows Azure Virtual Machines Overview In this hands-on Lab, you will learn how to deploy a simple web page to a Web server hosted in Windows Azure and configure load balancing. Objectives In this

More information

Create, Link, or Edit a GPO with Active Directory Users and Computers

Create, Link, or Edit a GPO with Active Directory Users and Computers How to Edit Local Computer Policy Settings To edit the local computer policy settings, you must be a local computer administrator or a member of the Domain Admins or Enterprise Admins groups. 1. Add the

More information

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol...

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol... Page 1 of 16 Security How to Configure Windows Firewall in a Small Business Environment using Group Policy Introduction This document explains how to configure the features of Windows Firewall on computers

More information

Team Foundation Server 2012 Installation Guide

Team Foundation Server 2012 Installation Guide Team Foundation Server 2012 Installation Guide Page 1 of 143 Team Foundation Server 2012 Installation Guide Benjamin Day benday@benday.com v1.0.0 November 15, 2012 Team Foundation Server 2012 Installation

More information

WA2262 Applied Data Science and Big Data Analytics Boot Camp for Business Analysts. Classroom Setup Guide. Web Age Solutions Inc.

WA2262 Applied Data Science and Big Data Analytics Boot Camp for Business Analysts. Classroom Setup Guide. Web Age Solutions Inc. WA2262 Applied Data Science and Big Data Analytics Boot Camp for Business Analysts Classroom Setup Guide Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1 Table of Contents Part 1 - Minimum Software

More information

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Deploying BitDefender Client Security and BitDefender Windows Server Solutions Deploying BitDefender Client Security and BitDefender Windows Server Solutions Quick Install Guide Copyright 2010 BitDefender; 1. Installation Overview Thank you for selecting BitDefender Business Solutions

More information

PigCHAMP Knowledge Software. Enterprise Edition Installation Guide

PigCHAMP Knowledge Software. Enterprise Edition Installation Guide PigCHAMP Knowledge Software Enterprise Edition Installation Guide Enterprise Edition Installation Guide MARCH 2012 EDITION PigCHAMP Knowledge Software 1531 Airport Rd Suite 101 Ames, IA 50010 Phone (515)

More information

2X ApplicationServer & LoadBalancer Manual

2X ApplicationServer & LoadBalancer Manual 2X ApplicationServer & LoadBalancer Manual 2X ApplicationServer & LoadBalancer Contents 1 URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies,

More information

Microsoft XP Professional Remote Desktop Connection

Microsoft XP Professional Remote Desktop Connection Microsoft XP Professional Remote Desktop Connection With Remote Desktop, you get full, secure access to your work computer via an Internet or network connection. For example, you can connect to your office

More information

Keeping Windows 8.1 safe and secure

Keeping Windows 8.1 safe and secure Keeping Windows 8.1 safe and secure 14 IN THIS CHAPTER, YOU WILL LEARN HOW TO Work with the User Account Control. Use Windows Firewall. Use Windows Defender. Enhance the security of your passwords. Security

More information

WhatsUp Gold v16.2 Installation and Configuration Guide

WhatsUp Gold v16.2 Installation and Configuration Guide WhatsUp Gold v16.2 Installation and Configuration Guide Contents Installing and Configuring Ipswitch WhatsUp Gold v16.2 using WhatsUp Setup Installing WhatsUp Gold using WhatsUp Setup... 1 Security guidelines

More information

Windows Server Update Services 3.0 SP2 Step By Step Guide

Windows Server Update Services 3.0 SP2 Step By Step Guide Windows Server Update Services 3.0 SP2 Step By Step Guide Microsoft Corporation Author: Anita Taylor Editor: Theresa Haynie Abstract This guide provides detailed instructions for installing Windows Server

More information