Recommended Security Rules
Ivanti recommends that you define certain administrative security rules before installing Ivanti Device and Application Control.
The recommended security settings are specific to Microsoft® Windows® and complement operation of Ivanti Device and Application Control.
Security Rule |
Description |
---|---|
Hard Disk Encryption |
Encrypts computer disk drives to prevent unauthorized user access to the computer hard disk drive. |
Password Protect the BIOS |
Prevents administrative user access when using a CMOS reset jumper, in combination with password protection for the BIOS and seal/chassis intrusion protection. |
Seal/Chassis Intrusion Protector |
Uses seal and/or chassis intrusion protection hardware to prevent administrative user access using an external boot device to bypass workstation security software. |
Administrative Rights |
Remove local users from the local Administrators group to prevent unrestricted local user computer access. |
Power Users |
Remove local users from the Power Users group to prevent users from tampering or bypassing standard Windows security policies. |
Access Policy |
Restrict network and file access as much as possible, including use restriction only to NTFS partitions. |
NTFS Partition |
Use of NTFS partitioning is required for installation of Ivanti Device and Application Control product solutions. |
Recovery Console |
Password protect user access to the Recovery Console, which is available for the Windows DVD/CD-ROM or MSDN subscription. |
Service Pack and Hot Fixes |
Always install the latest service packs and hot fixes for the operating system supported by Ivanti Device and Application Control product solutions. |
Firewalls |
Use traditional perimeter-based security systems, like firewalls, to complement Ivanti Device and Application Control product solutions. |
Password Policies |
Maintain strong password security policies. |
Private and Public Key Generation |
Deploy Ivanti Device and Application Control product solutions using secure public and private key pairs. |