Help Center

Quick Start

File Auditing

Endpoint DLP

File Analysis

Data Risk Assessment

Cloud Protection

Administrative settings

General settings

About DataSecurity Plus

Release notes

Troubleshooting

Guides

Contact us

Configure process restriction policies

The process restriction policy in DataSecurity Plus prevents users from running unauthorized executables.

Steps to create a new process restriction policy:

  • Select Endpoint from the drop-down menu in the top pane.
  • Go to Configuration, and choose Process Restriction from the Prevention Policies drop-down menu.
  • Click the + Add Block Executable Profile on the top-right corner.
  • Provide a suitable profile name and description.
  • To create a new policy, click the + Add new Executable button located at the top-right corner.
  • Enter a suitable Executable Name in the Add new Executable window that appears.
  • Choose a Block Rule from the two options:
    • Path: Enter the file path in the Executable Path field.
    • Hash: Browse and upload an executable file. Click Calculate Hashes so that the MD5 Hash and SHA256 Hash text boxes are filled. Click Save.

      • Note: Use Path when you have to block a process being executed from a particular location only. Use Hash to block it from all sources.

  • Click Save to create the policy.

    • Best practice: Use both the Path and Hash methods to configure the Block Rule for the same executable, as the hash would need to be recomputed manually when the executable is updated.

    Note: For process restriction profiles to work on workstations, ensure that:
    • No conflicting rules are present in the domain controller Group Policy Object (GPO).
    • The option to push process restriction policies through local GPOs is no disabled.

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     

  • Request additional resources

    Send us your requirements.

     

© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.