Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

how to deny running portable softwares?

Posted on 2011-02-21
4
Medium Priority
?
1,764 Views
Last Modified: 2012-06-27
how to deny running portable softwares?
0
Comment
Question by:Mirceyhun
  • 3
4 Comments
 
LVL 20

Expert Comment

by:woolnoir
ID: 34941322
Is using external software an option, or do you want to do this using AD ?

If AD - you have two options 1) disable USB drives using GPO or 2) specifically allow all applications that you want to allow - anything not mentioned (i.e usb etc) will be blocked.
0
 
LVL 20

Accepted Solution

by:
woolnoir earned 2000 total points
ID: 34941365
or


To do this you need to modify the Local Security Settings.

1. From the start menu, go to the RUN command window and enter secpol.msc
2. In the Local Security Settings window, select Software Restrictions Policies, you'll notice on the right pane that there are no policies defined.
3. To create a policy, select Action from the toolbar, then select Create New Policies.
4. Once a policy is created, you'll notice 5 new objects in the right pane.
5. Select the Additional Rules Folder, right click and select New Path Rule.
6. A New Path Rule window appears. Here enter the path of the drive or folder you'd like to enforce restrictions on. After entering a path, make sure the Security level option is set to disallow.
7. Do this on all drives you wish to prevent this type of action on. For example A:\ D:\ E:\ F:\
8.Create a rule to prevent the user running executables in their home drive or the desktop. (We provide students with a mapped network drive H:\ Where they can be monitored from. They can run what they want from this drive.)
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34941373
You can also do the above from a GPO.
0
 

Author Closing Comment

by:Mirceyhun
ID: 34941435
thanks
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question