How to use windows - security level profiles in Endpoint Manager

Release Time
07/11/2018
Views
1697 times
Category
profiles
Tags


Endpoint Manager new profiles are optimized for security and usability. The profiles are based on three levels of security as follows:

  • ‘Windows - Security Level 1 Profile’ (replaces 'Optimum Windows Profile’)

  • ‘Windows - Security Level 1 Profile [Former Standard Profile]’ (replaces ‘Standard Windows’ profile)

  • ‘Windows - Security Level 2 Profile' (replaces ‘Hardened Windows Profile’)

  • ‘Windows - Security Level 3 Profile’ (new profile - max. security)

Step [1] : To view the profiles go to "Endpoint Manager"→ "CONFIGURATION TEMPLATES"→ "Profiles".

  • More details on each profile are under the next screenshot.

Windows - Security Level 1

  • Replaces ‘Optimum Windows Profile’ with the following addition:

    • HIPS is enabled with ‘Safe Mode’ + ‘Allow Request active

  • This is now the default profile unless you designate a new default

Windows – Security Level 2

  • Replaces ‘Hardened Windows Profile’ with the following additions:

    • HIPS is enabled with ‘Safe Mode’ + ‘Block Request active

    • Auto-containment is active with logging enabled

Windows – Security Level 3

  • New profile featuring highest security settings

  • Same as ‘Windows – Security Level 2’ with the following additions:

    • Antivirus settings - ‘Use Cloud While Scanning’ is enabled by default in ‘Full Scan’. The cloud database is the most up-to-date version of the virus database, so antivirus scans are more accurate. It also means CCS is capable of detecting zero-day malware even if the local database is out-of-date.

    • HIPS settings – all interpreters are enabled under ‘Heuristic Command Line Analysis’ and ‘Embedded code detection:

Windows – Security Level 1 [Former Standard Profile]

  • Replaces ‘Windows Standard’ profile.

  • Implements the same security settings as mentioned in ‘Windows – Security Level 1’