Data Center Security

 View Only

  • 1.  Windows 2003 32-bit vs 64-bit

    Posted Jun 10, 2015 02:06 PM

    In the prevention policies there is a setting to allow the policy to be applied to Win 2k3 64-bit systems.
    What happends if this setting is enabled in the policy and then deployed to a 32-bit machine?  A Win2k8?

    What's the danger in simply enabling this setting without regard to the OS?



  • 2.  RE: Windows 2003 32-bit vs 64-bit
    Best Answer

    Posted Jun 10, 2015 03:25 PM

    I cannot remember which, but either the Enhanced Memory Protection or the Thread Injection Protection (Process Access Control) is not compatible with Win2k3x64.  Checking that box disables the feature and thus allows it to be applied to Win2k3x64 machines.  If you apply that to other machines, you lose that capability there also.



  • 3.  RE: Windows 2003 32-bit vs 64-bit

    Posted Jun 10, 2015 04:16 PM

    That makes sense.

     

    So best practice is a separate policy for 32-bit and 64-bit machines.  Yes?



  • 4.  RE: Windows 2003 32-bit vs 64-bit

    Posted Jun 11, 2015 12:49 PM

    That is what I do, 2 separate policies.