- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
- About File Auditing
Setting up File Audit
- About File Analysis
Setting up File Analysis
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
- About Endpoint DLP
Setting up Endpoint DLP
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
- Technician configuration
- Email configuration
- Notification filters
- Manage agent
- SIEM integration
- Business hours configuration
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
Configure process restriction policies
The process restriction policy in DataSecurity Plus prevents users from running unauthorized executables.
Steps to create a new process restriction policy:
- Select Endpoint from the drop-down menu in the top pane.
- Go to Configuration, and choose Process Restriction from the Prevention Policies drop-down menu.
- Click the + Add Block Executable Profile on the top-right corner.
- Provide a suitable profile name and description.
- To create a new policy, click the + Add new Executable button located at the top-right corner.
- Enter a suitable Executable Name in the Add new Executable window that appears.
- Choose a Block Rule from the two options:
- Path: Enter the file path in the Executable Path field.
- Hash: Browse and upload an executable file. Click Calculate Hashes so that the MD5 Hash and SHA256 Hash text boxes are filled. Click Save.
- Click Save to create the policy.
- No conflicting rules are present in the domain controller Group Policy Object (GPO).
- The option to push process restriction policies through local GPO is not disabled.
Note: Use Path when you have to block a process being executed from a particular location only. Use Hash to block it from all sources.
Best practice: Use both the Path and Hash methods to configure the Block Rule for the same executable, as the hash would need to be recomputed manually when the executable is updated.