To generate the file fingerprint list, use the checksum tool included in the Symantec Endpoint Protection client installation. First, you create a fingerprint list, and then you import the list into the Symantec Endpoint Protection Manager (SEPM) for use in the System Lockdown policy. Implementing System Lockdown is a two-step process. Approved applications are contained in a list of fingerprints that include checksums and locations of applications that are approved for use. The whitelisting mode allows you to tightly control which applications are allowed to run on the endpoint. System Lockdown enables blacklisting or whitelisting capabilities.
Restricting applications with System Lockdown You can restrict unapproved applications using Application Control and System Lockdown. One of the most important security practices to implement on a PoS device is to restrict the use of unapproved applications that are allowed to run on the PoS device. Note: If the PoS device is running a non-Windows operating system, Symantec Embedded Security: Critical System Protection product may be used as an alternative. Symantec Endpoint Protection 12.1 fully supports different Windows operating systems, including Windows Embedded, which is commonly used on PoS devices. Point-of-sale devices may have different operating systems.
Installing a reduced-size client installation package.Restricting applications in the firewall policy.Restricting applications with system hardening in Application Control.Restricting applications with Application Control.Restricting applications with System Lockdown.
0 kommentar(er)
