1 - Definition of a Nucleon Security Policy
A Nucleon security policy is a set of objects, rules and applications that ultimately regulate the system and network to limit the actions of processes performed on an endpoint.
A policy controls events of the following types:
- Read (file read),
- Write (file writing, renaming, deletion),
- Execute (program execution),
- Network (establishment of a network connection),
- Process access (requesting access to another process).
2- Exemple of rules in a policy
- Network access (browsers, Microsoft domains, etc.),
- Use of administration tools (powershell, wmi, vssadmin, cmd, etc.),
- Restricted access to certain file types (Office, Keepass, etc.),
- Access to other processes (lsass protection, etc.).
3- How it Works
- The blocks triggered by the security rules are managed and updated by the solution administrators or the support team following tickets sent by customers,
- Analysis of unknown files is triggered,
- The first rule 'matched' for a given event will be the rule applied.
Cet article a-t-il été utile ?
C'est super !
Merci pour votre commentaire
Désolé ! Nous n'avons pas pu vous être utile
Merci pour votre commentaire
Commentaires envoyés
Nous apprécions vos efforts et nous allons corriger l'article