Client Login
Forgot Password? 
|
|
|
|
 
 
  Secure Details

Detailed Secure Control Information

The listing below goes into more detail and discusses changes that can be made to the protection.  These changes generally tighten the protection on the computer and can eventually lead to the computer only being able to run a specific set of applications and nothing else.  Each discrete step in control is accomplished entirely by HyBlue and the Secure service.

Management Options for the Desktop/Laptop Client

  • An administrative user is currently allowed to unload the anti virus products. This can be changed to never allowed or only allowed when not on a network.
  • The firewall can unloaded, though there is a Basic Protection setting which removes the anti Malware filters. Use this for troubleshooting firewall issues.
  • Administrative users are allowed to change certain settings, but not regular users. This can be changed so that no one can change settings
    • Troubleshooting note. It is sometimes handy to login as an administrator where you can disable certain sections of the security client in order to troubleshoot issues.

Laptop/Desktop Secure

  • Virus Protection
    • Definitions update automatically
    • No indicator is given to user when a virus is found
    • Real-time virus scanning is enabled
    • Manual file scanning is allowed
    • Boot sector and floppies are scanned at startup
    • Viruses found during scan are disinfected automatically and if they can’t be disinfected they are renamed. Failure to rename generates an alert to the technical contact
    • Memory is scanned
    • Only the following file extensions are scanned:
      • COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ POT MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML
    • Exclusions can be added on user request
    • Scans can be scheduled centrally or individually
    • POP3/IMAP/SMTP scanning is automatically enabled or disabled depending on need. Outlook connecting to an Exchange Server is not protected by this part of the service.
      • Mail is scanned incoming and outgoing
      • Attachments are disinfected if they can be or removed.
      • Outgoing mail that is infected is stopped
    • Web Traffic Scanning
      • Scanning is enabled, malicious content is blocked
    • System Control
      • Registry protection is on and registry is protected against changes made when no user is present
      • The system will prompt for changes to
        • System Startup
        • Critical file association changes
        • Critical system changes
      • The system will allow changes to application association
    • Dialup control is enabled, this keeps unauthorized programs from attempting to dial out.
  • Spyware Protection
    • Realtime spyware scanning is enabled
      • The hosts file is protected from changes by applications (it can still be edited with a text editor)
      • The system scans for tracking cookies
      • The system quarantines automatically anything it considers Spyware
      • Tracking cookies are deleted automatically
      • Users do receive local alerts of spyware being found and removed.
    • Manual or scheduled scans can be run.
      • These scans look for
        • Active processes
        • Keyloggers
        • Dialers
        • Tracking Cookies
        • Deep scan the Registry
        • Scan system files
      • These scans automatically remove spyware found.
    • Browser popup windows are blocked. Note this can conflict with some applications and can be disabled
      • Users can add allowed or blocked sites to popup rules
    • The Browser Lock is automatically enabled on Internet Explorer
      • Browswer lock protects against changes to registry settings, Active X installations and automatic file saving.    Users can turn off Browser Lock under Options, IE Shield. They can configure them as well
  • Firewall
    • There are a number of levels of security available in the system, we use Office by default.
    • Other levels are
      • Block all
        • Blocks all traffic
      • Mobile
        • More restricted than office for travelling
      • Home
        • A little more forgiving of games
      • Basic Protection
        • Very basic protection. Keeps general attacks at bay but does not block malware
    • Other levels can be setup for your use and the system does have the capability to “auto sense” which level of security to use. This function is based on parameters like the IP address of the DHCP server and DNS server. You can configure
  • Application Control is enabled by default.  Application control uses a white/black list that HyBlue maintains.
    • Application control can limit which applications can access the Internet. It tracks applications by the name of the exe and version number.
      • HyBlue automatically receives and reviews any new application that accesses the Internet by any computer in our customer network.
      • We black list any obviously bad applications and white list obvious good ones.
      • Once we black list an application, no computer under management can run it unless specifically requested.
    • You can request specific white or black list.
      • Remember, if you specify a white list, you will be allowing ONLY those applications

Black list is preferable to block out applications that are undesired.  This can include a class of applications like Instant Messaging, Peer to Peer file sharing and who on.
 
Copyright © 2005-2008 HyBlue, Inc. Privacy Policy    Terms of Service & Legal    Company   Other Services   Partners