win2008 to limit the use of Thunderbolt download method [software Policy]_win Server
Source: Internet
Author: User
This is not, ingenious to the Windows Server 2008 System Group Policy features in-depth mining, we can find a lot of security application secrets; Now this article for your friends to contribute a few such security secrets, hope to be useful to everyone!
1, limit the use of thunder for malicious download
When many people use the same computer to work together, we certainly do not want ordinary users to use the Thunderbolt tool for malicious downloading, which not only easy to waste the local system of disk space resources, but also greatly consumes the local system's Internet bandwidth resources. In a Windows Server 2008 system environment, there are many ways to limit the use of thunder tools for malicious downloads by ordinary users, for example, by leveraging the newly added advanced security firewall features of the Windows Server 2008 system, or by restricting the download port and other methods to achieve this control purposes, in addition to these methods, we can skillfully use the system's software restriction strategy to achieve this goal, the following is the implementation of the method steps:
First login to the Windows Server 2008 system with System administrator privileges, open the Start menu of the system, select the "Run" command, and in the pop-up system run text box, enter the "gpedit.msc" string command into the corresponding system's Group Policy console window;
Next, in the left position of the console window, select the Computer Configuration/Windows Settings/Security settings/Software Restriction policies option, right-click the option, and execute the Create Software Restriction Policy command on the shortcut menu;
Next, display the area to the right of the software Restriction policy option. Double-click the Force Group Policy item, open the Settings dialog box shown in Figure 1, select the all users except local Administrator option, leave the default settings, and click OK to end the above setup action;
Figure 1 Software restriction policies
The "other rules" option under the software Restriction Policies node is selected below. Right-click the Group Policy option, select the new path Rule command from the pop-up shortcut menu, and in the Settings dialog box that appears, click the Browse button to select the Thunderbolt download program and the security level for the application. The parameter is set to Disallowed, and finally click OK to perform the parameter setting save operation;
Restart the Windows Server 2008 system, when the user logged into the system with the ordinary rights account, ordinary users can not normally use the Thunderbolt program for malicious download, but when we access to the system administrator access to the local computer system, still can normally run the Thunderbolt program to download randomly.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.