Desktop Agent Profile - End Point Security - Service Protection

Details of service protection rules section of ThinScale Desktop Agent Profile Editor.

Written by Diego

Last published at: February 5th, 2024

 

END POINT SECURITY - SERVICE PROTECTION



 

Service Protection builds on existing Process Security technology to provide Windows services execution control at the system level. An administrator can define rules for a profile to control what services can run or should be stopped. Control is asserted over overall service applications, including all Windows services.
 

Service Protection has four areas of operation:

at start-up: services are scanned for compliance before the TDA starts, and all the rules will be applied beforehand.

at session start-up: services are scanned for compliance while the TDA initializes the secure session, and all the rules will be applied during initialization.

repeat: services are scanned for compliance in real-time while TDA policies are in place, and all the rules will be applied while the TDA session runs every x.

at logout: services are scanned for compliance while the TDA is logging off, and all the rules will be applied at logout.


Example: Stopping Bluetooth service