Login to participate
Security IdeasRSS
2
Disable all "Configure Settings" buttons from the client "Change Settings" page
TallTech
November 6th, 2009
Filed under: Endpoint Protection (AntiVirus) - 11.x, Endpoint Protection (AntiVirus), Configuring, Security
3 Agree, 1 Disagree
Although I have disabled all the client configurations once an end user clicks into the configure settings buttons on the change settings page, I would like to see all these options disabled and grayed out like the Network Threat Protection is.
I see no reason for the click-aholics to be able to even browse into those buttons.
Agree
But I still agree with you what you are saying. I think ability to browse into all buttons has been kept just to see if any virus or worm has changed it. This is just a guess. But on the other hand I also think that the SEPM console should be able to show the status/count of clients whose settings have been compromised by virus like antivirus settings, registry disabled, hosts files compomised, cmd disabled task manager, etc.
Also just to add to your discussion. One setting cannot be locked by the administrator i.e. the log settings.Here is the screenshot. Please let me know in case you have any option to disable this setting.
Thanks in advance.
-Anshuman
Would you like to reply?
Login or Register to post your comment.