Critical System Protection

 View Only

  • 1.  Prevent Policy for NCR - Wincor

    Posted Feb 15, 2019 09:43 AM

    Hello dears,

    I have been struggling with our Symantec Critical Protection V8.0 building some Prevention Policy for Windows Machine used by NCR and Wincor

    After reading some of the 1000 pages etc of the manual I have done some tests but without luck.

    Is there any way to build or find some policy for my purpose ?

    Already tried with sandbox but I’m having difficulties ?

    Anyone is using Symantec CSP or had previous experience for NCR or Wincor ?

    Thank You



  • 2.  RE: Prevent Policy for NCR - Wincor

    Posted Feb 21, 2019 06:24 AM

    Hi

     

    What is it you're trying to achieve with your prevent policies? With CSP, you can whitelist applications either through the list of discovered apps on the machines once the agent is installed, or by specifying the path to where the application sits. Everything else will not be allowed to run.

     

    The product is incredibly granular and OS doesn't seem to matter a great deal (as long as it's still windows based in this instance). I've got two machines running Win7 and XP and am able to apply policies to both with no issues.

     

    Further info will help me help you.

     

    Thanks

     

    Chris



  • 3.  RE: Prevent Policy for NCR - Wincor

    Posted Feb 22, 2019 07:37 AM

    Hi, we are trying to prevent buffer overflow etc type of attac that symantec endpoint could not do ( at least that was the purpose)

     

    Following the guide of whitelistening is very difficult because only windows has a lot of to exclude