Desktop Agent Profile - End Point Security - Service Protection
Details of service protection rules section of ThinScale Desktop Agent Profile Editor.
END POINT SECURITY - SERVICE PROTECTION
Service Protection builds on existing Process Security technology to provide Windows services execution control at the system level. An administrator can define rules for a profile to control what services can run or should be stopped. Control is asserted over overall service applications, including all Windows services.
Service Protection has four areas of operation:
at start-up: services are scanned for compliance before the TDA starts, and all the rules will be applied beforehand.
at session start-up: services are scanned for compliance while the TDA initializes the secure session, and all the rules will be applied during initialization.
repeat: services are scanned for compliance in real-time while TDA policies are in place, and all the rules will be applied while the TDA session runs every x.
at logout: services are scanned for compliance while the TDA is logging off, and all the rules will be applied at logout.
Example: Stopping Bluetooth service