1 - Definition of a Nucleon Security Policy
A Nucleon security policy is a set of objects, rules and applications that ultimately regulate the system and network to limit the actions of processes performed on an endpoint.
A policy controls events of the following types:
- Read (file read),
- Write (file writing, renaming, deletion),
- Execute (program execution),
- Network (establishment of a network connection),
- Process access (requesting access to another process).
2- Exemple of rules in a policy
- Network access (browsers, Microsoft domains, etc.),
- Use of administration tools (powershell, wmi, vssadmin, cmd, etc.),
- Restricted access to certain file types (Office, Keepass, etc.),
- Access to other processes (lsass protection, etc.).
3- How it Works
- The blocks triggered by the security rules are managed and updated by the solution administrators or the support team following tickets sent by customers,
- Analysis of unknown files is triggered,
- The first rule 'matched' for a given event will be the rule applied.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article