Data Center Security

Expand all | Collapse all

Prevention Policy for SCCM/ Update Agents

  • 1.  Prevention Policy for SCCM/ Update Agents

    Posted 07-09-2020 07:14 AM
    I was trying to configure Prevention Policy for SCCM/Update Agent.
    A basic protection stratgey, no modifications to executables.
    BUT , SCCM / Update agent applications can modify the files.

    I had added the software in predefined updaters list.

    It still does not works.

    Do I need to add it to Application rules also ?
    If somebody here has any idea to overcome the problem.


  • 2.  RE: Prevention Policy for SCCM/ Update Agents

    Posted 08-20-2020 07:02 AM
    The prohibition on modifying the executable  files is in the Global section in any sandbox.
    If you need to allow a certain application:
    1. Create an "Application" for her
    2. Create a custom Sandbox and allow modification of the executable files.
    3. Associate the created application with the custom sandbox.