Software Restriction Policies (SRP)
Software Restriction Policies – effective protection of Microsoft Windows without antiviruses programs.
This article describes the mechanism of Software Restriction Policies, which is designed to create policies to run the programs.
How to start a defense against viruses and other malware?
Protection against computer viruses, “Trojan horses” and other stuff in the first place depends on what privileges you to come into the computer. Usually, all accounts (logins) are divided into two categories – administrative, designed for software installation and configuration, and standard (with limited rights), designed for daily use.
Want something to configure, install? – Login in as System administrators.
Want to watch movies, write coursework, communicate in Skype? – Login in as standard user.
The fact is that standard users do not have permission to install software and configure the system, due to which it works very stable and secure. Something screwed up or break it does not, this is not just the user rights. Kompterny virus – it’s not black magic, and the program, just a computer program, so the virus infect the system average user may. Moreover, the computer is still new, it is a virus or old, very cunning, or rude – if not available privileges, carry the virus to the system folder and register it in the system registry autorun will not work in any way.
Regardless of whether we work at home or in the office, the system should always include only limited privileges. System administrators should have two accounts – and private, and administration, but only if you use the latest proven need. Type of the account you can specify in the Control Panel.
However, there are malicious programs that can be saved not only in the system folders, but in the User Profile – a so-called profile of the user. These programs are run every time a user logs into the system. Usually viruses of this type “come” on flash-drives, sent via instant messenger and e-mail, enter a computer with specially designed web pages. To combat this type of threat to the Windows-based systems there is a very simple and reliable security configuration – Software Restriction Policies.
What is Software Restriction Policies?
With SRP, you can create a “white list” of programs that are known to be allowed to run, and all the rest of the program will be blocked. For example, we tell the system “runs all of the folders C: \ Windows, C: \ Program Files, D: \ Games, and the rest is not allowed.” As a result, come to a flash drive virus quiet “breaks off,” not being able to run with the unresolved path E: \ or Z: \. Something tried to climb from a trusted website? It also will not start because it was stored in the user profile folder or the Temporary Internet Files% Temp%. And from there, we were not allowed to run anything! Sent via Skype «new super-duper screensaver”, is actually a Trojan horse, also starts.
Software Restriction Policies strongly compares favorably with any anti-virus software, Norton, Bitdefender, Kaspersky, NOD or Avast (the name and the manufacturer does not matter). SRP immediately discard all unauthorized, not penetrating it was there, good or bad.
In fact, the policy does not prevent the preservation of the body of the virus on the hard drive. SRP – not an antivirus program, it does not examine the contents of files. But the start is stored on a disk or flash-carrier potentially destructive program, she would not allow.
SRP does not have to download from somewhere, it’s already built into the system following Microsoft:
– Windows XP Professional, Windows XP Media Center 2005;
– Windows Vista Business, Windows Vista Enterprise & Ultimate;
– Windows 7 Professional, Windows 7 Enterprise & Ultimate;
– Windows Server 2003 and 2008 (all editions).
Software Restriction Policies can not guarantee absolute protection against malicious software, but its effectiveness can be at least several orders of magnitude greater than that of traditional antivirus programs. Success in improving the safety of your computer!