Management and Security powered by Landesk

Endpoint Security help

Use this dialog box (Tools > Configuration > Agent Settings > Endpoint Security) to create and edit Endpoint Security settings.

This dialog box contains the following pages.

About the Endpoint Security: General settings page

Use this page to configure location awareness (trusted network) and other access settings.

  • Name: Identifies the settings with a unique name.
  • Administrator: Specifies administrator password and options.
    • Use a password for Administrator: Specifies the password required on devices configured with this Endpoint Security settings in order to perform certain actions on the protected device.
    • Allow Windows Service Control Manager to stop the Endpoint Security service: Lets the end user stop the Endpoint Security service on the client.
  • Client interface: Specifies how the Endpoint Security client displays on managed devices.
    • Show icon in the taskbar notification area: Displays the notification area icon in the client interface.
    • Show violation balloon tips: Displays a message on the end-user device if a blocked operation occurs.
    • Show Start menu shortcut in Ivanti Management group: Displays a program icon for the Endpoint Security client in the Start menu (click Start > Programs > Ivanti Management)
  • Global hotkeys: Specifies hotkey shortcuts used for particular Endpoint Security features.
    • Device Control bypass hotkey: Enables you to define a hotkey sequence that allows temporary access to a blocked device. The default hot key is Ctrl+Shift+F1. To enter the desired hotkey sequence, place the cursor in the text box, and then press (and hold) the keys in the order you want.
  • Save: Saves your changes and closes the dialog.

About the Endpoint Security: Digital signatures page

Use this page to view and manage trusted digitally-signed applications and vendors.

  • Do not trust digitally signed applications: Don't automatically trust digitally-signed applications. Disables the rest of the dialog-box options.
  • Trust all digitally signed applications: Automatically trust digitally-signed applications. Be careful when using this. While being digitally signed does imply some degree of credibility, it doesn't guarantee that an application should be allowed in your environment.
  • Trust digitally signed applications from these vendors: Only trust digitally-signed applications from the vendors you specify. A basic list of reputable vendors is in the Trusted vendors list by default. You can use the buttons below that list to modify it.
  • Discovered vendors: Vendors found by the inventory software scanner on managed devices.
  • Trusted vendors: Vendor names to trust. Use wildcards to make sure the vendor name matches variations in the name that appears on their digitally-signed applications.
  • Add, Edit, and Delete: Use these to manage vendor names in the vendor lists.

About the Endpoint Security: Default policy

Use this page to configure the security component agent settings and trusted file list settings.

Components: Select the agent setting you want to use for each component.

  • Trusted file lists: Use the Add and Edit buttons to configure the trusted file lists you want to use.
  • Learning list: When a component is set to learning mode, learned file information is added to this list.
  • Add learning activity only into the learning list: Only updates the learning list you specified.
  • Add learning activity into each list where the same file already exists: Updates all trusted file lists that already have an entry for the learned file.

About the Endpoint Security: Trusted folders page

Use this dialog box to specify folder paths on managed devices that should be considered trusted.

Click Add and specify a folder path and the rights you want to give that folder and all its child folders.

About the Endpoint Security: Monitored folders page

Use this dialog box to specify folder paths on managed devices that should be monitored. All files and child folders contained in a monitored folder are monitored. Use the Security activity tool's Application control section (Tools > Security and Compliance > Security activity) to view notifications on monitored folders. If any endpoint security actions need your attention, you'll also see a notification when you log in to the Management Suite console.

Click Add and specify a folder path, the file patterns, exclusions, and file activities to be monitored.

 


Was this article useful?    

The topic was:

Inaccurate

Incomplete

Not what I expected

Other