Windows security policies are very effective in protecting the windows machines by providing restricted access to the users. If the Windows security policies are not properly configured, users can easily tamper the registry, control panel applets, and other critical system settings, which can lead to system crash. Hence suitably configuring Windows security policies in each windows machine in the network is very important.
ManageEngine Desktop Central helps administrators to easily configure and deploy Windows security policies throughout the network using its Web user Interface. These security policies configuration can be applied to users or computers or mass installation can be done to OUs, Domains or Sites.
Desktop Central supports configuring Windows security policies under various categories as explained below. Refer to Securing Windows Desktops to see the ways to enhance desktop security using Desktop Central.
Active Desktop security policies include, Restrict users to change the wallpaper, Restrict adding of any desktop items, Restrict deleting any desktop items, etc.
Control Panel security policies include, Hide add/remove hardware applet, Hide add/remove programs applet, Hide games controller applet, etc.
Desktop security policies include, Hide and disable all items on the desktop, Prevent adding, dragging, dropping and closing the taskbar tool, Hide Internet Explorer icon on desktop, etc.
Explorer security policies include, Remove 'Map network drive' and
'Disconnect network drive', Remove folder options menu item from the
tools menu, Remove search button from Windows explorer, etc.
Internet Explorer security policies include, Restrict changing proxy settings, Restrict changing history settings, Hide security option screen, etc.
Microsoft Management Console security policies include, Restrict/permit computer management snap-in, Restrict/permit event viewer snap-in, Restrict user from entering author mode, etc.
Network security policies include, Ability to rename LAN, Ability to enable/disable LAN connections, Alphanumeric password, etc.
Start Menu and Taskbar security policies include, Prevent changes to taskbar and start menu settings, Remove run from start menu, Remove and prevent access to the shutdown command, etc.
System security policies include, Restrict using registry editing tools, Restrict using change passwords page, Hide device manager page, etc.
Task Scheduler security policies include, Prevent task run or end, Prohibit task deletion, Prohibit browse, etc.
Windows Installer security policies include, Always install with elevated privileges, Prohibit rollback, and Disable media source for any install.
Computer security policies include, Disable Ctrl+Alt+Del requirement for logon, Restrict CD-ROM access to locally logged-on user only, Prevent user from changing file type association, etc.
For more details, refer to the Windows Security Policies topic in the online help.
For details on various out-of-the-box Windows Configurations supported by Desktop Central, refer to Windows Configurations.