drivelock security as a service managed endpoint protection · user interface settings taskbar...
TRANSCRIPT
DriveLock Security as a Service
Managed Endpoint Protection
Global Base Security
DriveLock SE 2020
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 2 of 40
Content
DriveLock Security as a ServiceManaged Endpoint Protection
Global Base SecurityContentScope of this documentGlobal Configuration
SettingsRemote control settings and permissionsAutomatic updatesUser Interface settings
Taskbar notification area settingsOffline unlock Control Panel settingsAgent user interface settingsCustom user notification messages
DrivesSettingsRemovable Drive locking
Floppy disk drivesCD-ROM drivesUSB bus connected drivesFirewire (1394) bus connected drivesSD card drives (SD-bus)Other removable drives
File filter templatesDefault Filter (All files R/W)Default Filter (All files Read only)File type definitionsFile type groups
DevicesDevice class locking
Devices / Network adaptersSmartphones
Apple devicesOther mobile devices
Network profilesSettings
ApplicationsSettingsApplication rules
Publisher certificate rulesAdobeAdobe Inc.Adobe Inc. AGS HelperAdobe Systems IncorporatedAdobe Systems IncorporatedAdobe Systems, IncorporatedAppleBitdefenderCisco AnyConnectCisco WebEx LLCDell Inc.DriveLock \AzCopy.exeDriveLock Update ServiceFirefoxFirefox InstallerFirefox Software UpdaterGoogleGoogle ChromeGoToMeetingHaufe-LexwareHPIntelLenovoLenovoLogMeIn, Inc.MicrosoftMicrosoft
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 3 of 40
Microsoft 3rd Party Application ComponentMicrosoft OutlookMicrosoft SettingsMicrosoft TeamsMozilla CorporationMozilla CorporationNotepad++VMWareWinGup for Notepad++
Special rulesAutomatic updates are being installedProgram file is part of .NET FrameworkProgram file is part of DriveLock / DriveLock Disk ProtectionProgram file is part of Windows operating system
Other rulesFile name or path rules
Security awarenessSettings
Security awareness user interface settingsSystems management
SettingsHardware and software inventoryClient compliance reporting settings
Self-Service groupsGlossary
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 4 of 40
Scope of this document
This document describes how the Policy configuration is defined for the Base-Security.
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 5 of 40
Global Configuration
Settings
Property Value
Permissions on DriveLock Agent services NT-AUTORITÄT\Authentifizierte Benutzer Query service information
NT-AUTORITÄT\SYSTEM Full control
Configure Internet Connection Firewall to allow remote control(Windows XP SP2 and newer)
Enabled
On startup, allow logon before DriveLock has completelystarted
Disabled
Enable periodic reloading of configuration file Enabled
Reload file every 30 minutes
Start DriveLock Agent in Safe Mode Enabled
Run DriveLock Agent in unstoppable mode Disabled
Simulation mode (for testing purposes) Disabled
Tenant / DriveLock Cloud synchronization Tenant: root, Event sync: Not configured
When impersonating users: Use "network logon" instead of"interactive logon"
Disabled
Remote control settings and permissions
Property Value
Agent remote control port 6064
Enable SSL (encrypted remote control communication) Enabled
Enforce SSL (disable unencrypted port) Disabled
SSL remote control port 6065
Certificate used for SSL communications Automatically create self-signed certificate on Agents
Show user notification message on agent when remoteconnection is established
Disabled
Agent remote control permissions VORDEFINIERT\Administratoren
Agent remote control read permissions No one
Automatic updates
Property Value
DriveLock Agent Enabled
DriveLock Management Console Disabled
DriveLock Control Center Disabled
Other engine Disabled
Use explict schedule Enabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 6 of 40
Schedules At am every day9:30 At 11 am every dayAt 12 pm every dayEvery 15 minutes starting at 14:15. Duration: 3 hour(s) dailyAt 3:30 pm every dayAt 4 pm every day
Randomize automatic update interval Disabled
User Interface settings
Taskbar notification area settings
Property Value
User notification type Popup window
Display notification area icon Enabled
Display icon only when a message is displayed Disabled
Display messages for 30 seconds
Offline unlock Control Panel settings
Property Value
Disable offline unlocking requests from Control Panel Disabled
Use short (weak) request / response codes Disabled
Show offline unlocking in context menu of notification areaicon
Disabled
Contact information (displayed in unlock wizard)
Security configuration Use Password
Password or certificate Configured
Agent user interface settings
Property Value
Enable Agent user interface Enabled
Active categories HomeEncryptionStatus
Active functions Home | Unlock agentEncryption | CreateEncryption | Create cloud storage folderEncryption | MountEncryption | RecoverEncryption | Manage certificates (DFP only)Network profiles | My network profilesStatus | DrivesStatus | DevicesStatus | SmartphonesStatus | Group Policy
In Windows Start menu display "DriveLock" under Start | Programs | DriveLock
Use agent UI instead of classic wizards when selectingoptions from taskbar icon menu
Enabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 7 of 40
Custom user notification messages
Property Value
Display message shortly before temporary unlock mode ends Disabled
Display custom message Disabled
Drives
Settings
Property Value
Audit drive insertion / removal / locking Enabled
Always allow access to administrators Disabled
Removable Drive locking
Floppy disk drives
Property Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer (Read / Write / Execute)
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Scan for viruses before granting access to the drive Disabled
Run program when drive is connected and locked Disabled
Run program when drive is connected and not locked Disabled
Run program when drive is disconnected Disabled
CD-ROM drives
Property Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer (Read / Write / Execute)
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 8 of 40
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
Change hardware revision information to "Lock" whenCD/DVD writing is denied
Disabled
Change hardware vendor information Disabled
Do not filter CD/DVD-write operations (do not block CDburning)
Disabled
Do not intercept low-level hardware drivers Disabled
Disable Windows XP built-in CD writing (regardless ofpermissions)
Disabled
Disable soft blocking (do not hide CD/DVD writingcapabilities)
Disabled
Do not display user notification messages Disabled
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Require drive to be encrypted Disabled
Require media authorization on this drive (CD/DVD drivesonly)
Disabled
Scan for viruses before granting access to the drive Disabled
Run program when drive is connected and locked Disabled
Run program when drive is connected and not locked Disabled
Run program when drive is disconnected Disabled
USB bus connected drives
Property Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer (Read / Write / Execute)
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 9 of 40
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Require drive to be encrypted Disabled
Require media authorization on this drive (CD/DVD drivesonly)
Disabled
Scan for viruses before granting access to the drive Disabled
Run program when drive is connected and locked Disabled
Run program when drive is connected and not locked Disabled
Run program when drive is disconnected Disabled
Firewire (1394) bus connected drives
Property Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer (Read / Write / Execute)
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Require drive to be encrypted Disabled
Require media authorization on this drive (CD/DVD drivesonly)
Disabled
Scan for viruses before granting access to the drive Disabled
Run program when drive is connected and locked Disabled
Run program when drive is connected and not locked Disabled
Run program when drive is disconnected Disabled
SD card drives (SD-bus)
Property Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer (Read / Write / Execute)
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 10 of 40
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Require drive to be encrypted Disabled
Require media authorization on this drive (CD/DVD drivesonly)
Disabled
Scan for viruses before granting access to the drive Disabled
Run program when drive is connected and locked Disabled
Run program when drive is connected and not locked Disabled
Run program when drive is disconnected Disabled
Other removable drives
Property Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer (Read / Write / Execute)
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Require drive to be encrypted Disabled
Require media authorization on this drive (CD/DVD drivesonly)
Disabled
Scan for viruses before granting access to the drive Disabled
Run program when drive is connected and locked Disabled
Run program when drive is connected and not locked Disabled
Run program when drive is disconnected Disabled
File filter templates
Default Filter (All files R/W)
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 11 of 40
Property Value
Template description Default Filter (All files R/W)
Comment allow all files R/W
Rule unique identifier 2a3417ef-8fb7-424b-bdb4-f45598b18416
When reading files Allow all files
When writing files Allow all files
Shadowing settings None
Audit files All files
Audit conditions All
User exceptions Rule is active for all users and groups
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Users to exclude from shadowing and auditing NT-AUTORITÄT\SYSTEM
Also exclude these users from file filtering Enabled
Default Filter (All files Read only)
Property Value
Template description Default Filter (All files Read only)
Comment Default Filter (All files Read only)
Rule unique identifier af5284ef-9107-4f8f-a696-3aaa158da86b
When reading files Allow all files
When writing files Allow only selected extensions
File extensions to filter when writing files None
File type groups to filter when writing files
Block files which are not content scanned Enabled
Shadowing settings None
Audit files All files
Audit conditions All
User exceptions Rule is active for all users and groups
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Users to exclude from shadowing and auditing NT-AUTORITÄT\SYSTEM
Also exclude these users from file filtering Enabled
File type definitions
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 12 of 40
386, 3G2, 3GP, 7Z, AAC, ACCDB, ACCDE, ACCDR, ACCDT, ACE, AI, AIF, ANI, APK, ARC, ARJ, ASF, AVI, AX, BAT, BKF, BMP, BUP, CAB, CBR, CDR, CHM,CMD, COM, CPL, CRX, CSV, CUE, DLL, DLV, DMG, DOC, DOCM, DOCX, DOT, DOTM, DOTX, DSS, DVX, DWG, DXF, EPS, EPUB, EXE, FLT, FLV, FON,GADGET, GDOC, GDRAW, GIF, GSHEET, GSLIDES, GZ, GZIP, HEIC, HEIF, ICO, IFO, IND, INDD, INI, ISO, ITL, JAR, JFIF, JPE, JPEG, JPG, JS, JSE, KEY,LHA, LOG, LZH, M4A, M4P, M4V, MDB, MDE, MDF, MDI, MID, MIDI, MK3D, MKA, MKS, MKV, MOV, MP2, MP3, MP4, MPEG, MPG, MPP, MSG, MSI, MSP,MSM, MSP, NUMBERS, OCX, ODM, ODP, ODT, OGG, ONE, OST, OTF, OTP, OTT, PAGES, PDF, PIF, PKG, PNG, POTM, POTX, PPAM, PPS, PPSM, PPSX,PPT, PPTM, PPTX, PPZ, PS, PS1, PSD, PSP, PSPIMAGE, PST, RAR, REG, RM, RPM, RPT, RTF, SCR, SITX, SNP, SQL, SVG, SWF, SYS, TGA, TGZ, TIF,TIFF, TOAST, TTF, TXT, VBE, VBS, VDX, VHD, VHDX, VMDK, VMSN, VOB, VS, VSD, VXD, WAV, WEBM, WIZ, WMA, WMF, WMV, WPD, WPS, WSF, XAR,XIP, XLA, XLAM, XLR, XLS, XLSB, XLSM, XLSX, XLT, XLTX, XPI, XPS, Z, ZIP, ZIPX
File type groups
Property Value
Archives ACE, ARJ, CAB, GZIP, IMH, ISO, JAR, LZH, RAR, TAR, Z, ZIP
Audio files AAC, M4A, M4P, MID, MP3, MP4, WMAWAV,
CAD files DWG, DXF
Certificate files CER, CRT, DER, P12, P7B, P7C, PEM, PFX
Database files ACCDB, DBF, MDB, MDF
Disk image files BIN, CUE, DMG, ISO, TOAST
Executables BAT, CMD, COM, DLL, EXE, JS, JSE, OCX, PIF, PS1, SCR, SYS, VBE, VBS,VS
Font files FON, PTF, TTF
Images BMP, GIF, JPEG, JPG, PNG, PSD PSP, TGA, TIFF
Office documents ACCDB, DOC, DOCX, MDB, PDF, PPS, PPSX, PPT, PPTX, PRJ, TMP, XLS,XLSX, XPS
Temporary files ., TEMP, TMP
Text documents LOG, PS, TXT
Video files AVI, BUP, DIVX, DVX, IFO, MPEG, MPG, MPG2, VOB, WMV
Virtual disks VHD, VMDK, VMSN
Devices
Device class locking
Devices / Network adapters
Property Value
Enable locking and auditing devices of this type Disabled
Audit device events for devices of this type Enabled
Do not show user notifications for devices of this type Disabled
Do not lock system devices of this type Enabled
Disabled locked devices in device manager Disabled
Do not restart these devices when another user logs on(Windows XP and later)
Enabled
Do not restart these devices when another user logs on(Windows 2000)
Disabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 13 of 40
Smartphones
Apple devices
Property - Apple devices Value
Lock status Locked with exceptions
Permissions list NT-AUTORITÄT\Authentifizierte Benutzer
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
iTunes - Always block selected synchronisation types Disabled
iTunes - Audit all transferred files and data Enabled
iTunes - Audit system files and objects Enabled
Display custom message in user notification Disabled
Also display message when access is granted Disabled
Display no message when this rule is activated Disabled
Do not generate audit events when this rule is activated Disabled
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
Other mobile devices
Windows Mobile handheld devices and SmartphonesPalm OS handheld devices and SmartphonesBlackBerry devicesMobile phonesAndroid devices
Property Value
Enable locking and auditing devices of this type Enabled
Audit device events for devices of this type Enabled
Do not show user notifications for devices of this type Disabled
Do not lock system devices of this type Enabled
Do not restart these devices when another user logs on Disabled
Filter files read from or written to drives of this type Disabled
Audit and shadow files read from or written to drives of thistype
Enabled
Filter / audit / shadow files using template Default Filter (All files R/W)
User must accept usage policy before rule will be applied Enabled
Require password for accepting usage policy Disabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 14 of 40
Network profiles
Settings
Property Value
Allow users to configure personal networking profiles Disabled
Taskbar notification area settings -User notification type
Popup window
Taskbar notification area settings -Display notification area icon
Disabled
Taskbar notification area settings -Display messages for
30 seconds
Applications
Settings
Property Value
Scanning and blocking mode Whitelist
Hash algorithm to use for hash-based rules SHA-512
Always audit application execution (independent of blockingmode)
Enabled
Local whitelist and predictive whitelisting Enabled with predictive whitelisting
Upload local Whitelist to DES Disabled
Application rules
Publisher certificate rules
Adobe
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Adobe
Rule unique identifier 5d96939c-63ce-49fb-a03c-7bd313bf3352
Comment
Certificate subject CN="Adobe Systems, Incorporated", OU=Acrobat DC, O="Adobe Systems,Incorporated", L=San Jose, S=California, C=US, PostalCode=95110,STREET=345 Park Ave, SERIALNUMBER=2748129,OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US,OID.2.5.4.15=Private Organization
Certificate issuer CN=DigiCert EV Code Signing CA (SHA2), OU= , O=DigiCertwww.digicert.comInc, C=US
Certificate unique ID type Do not check
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 15 of 40
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Adobe Inc. Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Adobe Inc.
Rule unique identifier a274f26e-55ea-4017-ba5a-100fb129ed37
Comment
Certificate subject CN=Adobe Inc., OU=Acrobat DC, O=Adobe Inc., L=San Jose, S=ca, C=US,SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization,OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
Certificate issuer CN=DigiCert EV Code Signing CA (SHA2), OU= , O=DigiCertwww.digicert.comInc, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Adobe Inc. AGS Helper Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Adobe Inc. AGS Helper
Rule unique identifier ce4b7022-8829-4246-98dd-3b6526be5df5
Comment
Certificate subject CN=Adobe Inc., OU=AAM 256, O=Adobe Inc., L=San Jose, S=ca, C=US,SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization,OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
Certificate issuer CN=DigiCert EV Code Signing CA (SHA2), OU= , O=DigiCertwww.digicert.comInc, C=US
Certificate unique ID type Serial number
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 16 of 40
Unique ID data 06F24D9F4DB07BD7ECAD067F5EE26C29
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Adobe Systems Incorporated Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Adobe Systems Incorporated
Rule unique identifier 8bb8f80b-bbb5-4ddb-b3b2-55a382763b41
Comment
Certificate subject CN=Adobe Systems Incorporated, OU=AAM 256, O=Adobe SystemsIncorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129,OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US,OID.2.5.4.15=Private Organization
Certificate issuer CN=DigiCert EV Code Signing CA (SHA2), OU= , O=DigiCertwww.digicert.comInc, C=US
Certificate unique ID type Thumbprint
Unique ID data 369DF9FC7FB17A718028AC9E4EDDFD09E8D1080A
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Adobe Systems Incorporated Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Adobe Systems Incorporated
Rule unique identifier b0cf5682-69db-4769-a476-e7feb82215f5
Comment
Certificate subject CN=Adobe Systems Incorporated, OU=AAM 256, O=Adobe SystemsIncorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129,OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware,OID.1.3.6.1.4.1.311.60.2.1.3=US
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 17 of 40
Certificate issuer CN=Symantec Class 3 Extended Validation Code Signing CA, OU=SymantecTrust Network, O=Symantec Corporation, C=US
Certificate unique ID type Thumbprint
Unique ID data A41629FDB16344E7D3398B68AE68C7D064F52180
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Adobe Systems, Incorporated Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Adobe Systems, Incorporated
Rule unique identifier 5ad50a51-208b-41e5-8e54-df9d3d0e2f50
Comment
Certificate subject CN="Adobe Systems, Incorporated", OU=Acrobat 11, O="Adobe Systems,Incorporated", L=San Jose, S=California, C=US, PostalCode=95110,STREET=345 Park Ave, SERIALNUMBER=2748129,OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US,OID.=Pri
Certificate issuer CN=DigiCert EV Code Signing CA (SHA2), OU= , O=DigiCertwww.digicert.comInc, C=US
Certificate unique ID type Thumbprint
Unique ID data 4A92F984C7B48596B8C8DD91559774766C530DC0
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Apple
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Apple
Rule unique identifier a51c8391-b25b-48b8-a969-b41ea88c8893
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 18 of 40
Comment
Certificate subject CN=Apple Inc., O=Apple Inc., L=Cupertino, S=California, C=US
Certificate issuer CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec TrustNetwork, O=Symantec Corporation, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Bitdefender
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Bitdefender
Rule unique identifier bb943a0b-9d56-49f0-8c17-b165768c3f16
Comment
Certificate subject CN=Bitdefender SRL, OU=PD, O=Bitdefender SRL, L=Bucharest, S=Romania,C=RO
Certificate issuer CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US.verisign.com/rpa
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Cisco AnyConnect
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Cisco AnyConnect
Rule unique identifier 2386c444-0200-466c-9e1e-dcdec8791c9c
Comment
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 19 of 40
Certificate subject CN="Cisco Systems, Inc.", OU=Endpoint Security, O="Cisco Systems, Inc.",L=San Jose, S=California, C=US
Certificate issuer CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec TrustNetwork, O=Symantec Corporation, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Cisco WebEx LLC Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Cisco WebEx LLC
Rule unique identifier 9414f888-b4bc-4d0a-b16a-326e90a72dc3
Comment
Certificate subject CN=Cisco WebEx LLC, O=Cisco WebEx LLC, L=San Jose, S=California,C=US
Certificate issuer CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec TrustNetwork, O=Symantec Corporation, C=US
Certificate unique ID type Thumbprint
Unique ID data 0EC5E1E04D6F373C0AC80D14A703A565ABD3B2F8
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Dell Inc. Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Dell Inc.
Rule unique identifier 780692ce-4359-4810-aaf5-34ec3c380d91
Comment
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 20 of 40
Certificate subject CN=Dell Inc., OU=Product Group Release Engineering, O=Dell Inc., L=RoundRock, S=Texas, C=US
Certificate issuer CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US.verisign.com/rpa
Certificate unique ID type Thumbprint
Unique ID data B13B89BABC4F77D681ADEFB714EE6090146079D1
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
DriveLock \AzCopy.exe Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description DriveLock \AzCopy.exe
Rule unique identifier 838556ca-1a7f-4b69-abdb-f404e385d020
Comment
Certificate subject CN=Microsoft Windows, OU=MOPR, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate issuer CN=Microsoft Windows Verification PCA, O=Microsoft Corporation,L=Redmond, S=Washington, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison and above
Executable version 1.0.8698.584
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
DriveLock Update Service
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description DriveLock Update Service
Rule unique identifier 9e3d96c7-7fa2-4456-b53e-88892e7d4f31
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 21 of 40
Comment
Certificate subject CN=DriveLock SE, O=DriveLock SE, L=München, S=Bayern, C=DE
Certificate issuer CN=DigiCert Assured ID Code Signing CA-1, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description DriveLock Update Service
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Firefox
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Firefox
Rule unique identifier 4bdbb51e-0f1b-46a4-9176-c805302b187f
Comment
Certificate subject CN=Mozilla Corporation, O=Mozilla Corporation, L=Mountain View,S=California, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description Firefox
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Firefox Installer
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Firefox
Rule unique identifier 05f7245f-ec11-4a26-8fc6-1a696c089551
Comment
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 22 of 40
Certificate subject E="release+certificates@ ", CN=Mozilla Corporation, OU=Releasemozilla.comEngineering, O=Mozilla Corporation, L=Mountain View, S=California, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description Firefox
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Firefox Software Updater
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Firefox Software Updater
Rule unique identifier 9e1d5e70-f4d7-4850-8d4a-eb703b1f3eb2
Comment
Certificate subject CN=Mozilla Corporation, O=Mozilla Corporation, L=Mountain View,S=California, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description Firefox Software Updater
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Google
Rule unique identifier 4fb8f91b-3cc0-4649-a167-0a51b6dd7a6b
Comment
Certificate subject CN=Google Inc, O=Google Inc, L=Mountain View, S=California, C=US
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 23 of 40
Certificate issuer CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Google Chrome
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Google Chrome
Rule unique identifier b9d3ad53-ee1c-4279-9526-7fc4f33bacb8
Comment
Certificate subject CN=Google LLC, O=Google LLC, L=Mountain View, S=ca, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
GoToMeeting
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description GoToMeeting
Rule unique identifier 3f535265-3671-49f0-9f94-73665bad16bc
Comment
Certificate subject CN="LogMeIn, Inc.", O="LogMeIn, Inc.", L=Boston, S=Massachusetts, C=US
Certificate issuer CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec TrustNetwork, O=Symantec Corporation, C=US
Certificate unique ID type Do not check
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 24 of 40
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Haufe-Lexware Back to top
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Haufe-Lexware
Rule unique identifier 79021185-b46b-439a-81ae-22802f63598d
Comment
Certificate subject CN=Haufe-Lexware GmbH & Co. KG, OU=SWD, OU=Digital ID Class 3 -Microsoft Software Validation v2, O=Haufe-Lexware GmbH & Co. KG,L=Freiburg, S=Baden-Wuerttemberg, C=DE
Certificate issuer CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US.verisign.com/rpa
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
HP
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description HP
Rule unique identifier 268c2bf4-6e85-4215-85d2-f550b26c2151
Comment
Certificate subject CN=Hewlett Packard, OU=Desktop Consumer Solutions, OU=Digital ID Class3 - Microsoft Software Validation v2, O=Hewlett Packard, L=San Diego,S=California, C=US
Certificate issuer CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://ww (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.",w.verisign.com/rpa
C=US
Certificate unique ID type Do not check
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 25 of 40
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Intel
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Intel
Rule unique identifier 2257175c-be5e-45e9-945a-dae1e70f6043
Comment
Certificate subject CNCN=Intel(R) Wireless Connectivity Solutions, O=Intel Corporation, L=SantaClara, S=CA, C=US
Certificate issuer =Intel External Basic Issuing CA 3B, O=Intel Corporation, L=Santa Clara,S=CA, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Lenovo
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Lenovo
Rule unique identifier 73d0412e-e927-4268-a34b-582ac7ed3424
Comment
Certificate subject CN=Lenovo, OU=G09, O=Lenovo, L=Morrisville, S=North Carolina, C=US
Certificate issuer CN=Symantec Class 3 SHA256 Code Signing CA - G2, OU=Symantec TrustNetwork, O=Symantec Corporation, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 26 of 40
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Lenovo
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Lenovo
Rule unique identifier 845bf0cb-29cd-4662-a334-de2aa4c70079
Comment
Certificate subject CN=Lenovo, OU=G10, O=Lenovo, L=Morrisville, S=North Carolina, C=US
Certificate issuer CN=Symantec Class 3 SHA256 Code Signing CA - G2, OU=Symantec TrustNetwork, O=Symantec Corporation, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
LogMeIn, Inc.
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description LogMeIn, Inc.
Rule unique identifier cc6836f8-b19e-4a83-8a21-3ebcfd2f2a0b
Comment
Certificate subject CN="LogMeIn, Inc.", O="LogMeIn, Inc.", L=Boston, S=Massachusetts, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Thumbprint
Unique ID data 700249EAAEB19956D04C89488549A6587D1A8C81
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 27 of 40
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Microsoft
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Microsoft
Rule unique identifier 26a78e04-9317-41cf-8539-30b5e2a568f6
Comment
Certificate subject CN=Microsoft Corporation, OU=AOC, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate issuer CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Microsoft
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Microsoft
Rule unique identifier da7c6723-747b-4389-ba19-6fe6e03bb322
Comment
Certificate subject CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate issuer CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 28 of 40
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Microsoft 3rd Party Application Component
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Microsoft 3rd Party Application Component
Rule unique identifier 80c2aec1-cc85-47bc-ab33-93dfcd4e83b0
Comment
Certificate subject CN=Microsoft 3rd Party Application Component, O=Microsoft Corporation,L=Redmond, S=Washington, C=US
Certificate issuer CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate unique ID type Thumbprint
Unique ID data 32F28ACBC1B26F28D0EF6773E3E6FBF5E13F3BB0
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Microsoft Outlook
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Microsoft Outlook
Rule unique identifier 9bfb954f-c0af-4e86-9644-0deaaa690365
Comment
Certificate subject CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate issuer CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 29 of 40
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Microsoft Settings
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Microsoft Settings
Rule unique identifier 3f1789a4-c9fe-481b-99c0-1e333b77be6e
Comment
Certificate subject CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate issuer CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation,L=Redmond, S=Washington, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Microsoft Teams
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Microsoft Teams
Rule unique identifier b577bf75-807b-4351-a103-a3de301127a4
Comment
Certificate subject CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate issuer CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond,S=Washington, C=US
Certificate unique ID type Do not check
Executable description Microsoft Teams
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 30 of 40
Rule is active during selected hours No restriction (Any time)
Mozilla Corporation
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Mozilla Corporation
Rule unique identifier c032790a-c275-484c-b082-eac4e0c2cca3
Comment
Certificate subject CN=Mozilla Corporation, O=Mozilla Corporation, L=Mountain View,S=California, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Thumbprint
Unique ID data 50600FD631998451C8F75EF3F618E31FC74D1585
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Mozilla Corporation
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Mozilla Corporation
Rule unique identifier 6abb26d4-14b1-48bb-97be-dba1ae6ecb20
Comment
Certificate subject E="release+certificates@ ", CN=Mozilla Corporation, OU=Releasemozilla.comEngineering, O=Mozilla Corporation, L=Mountain View, S=California, C=US
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 31 of 40
Rule is active during selected hours No restriction (Any time)
Notepad++
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description Notepad++
Rule unique identifier a98fda91-391d-4fae-980d-b0489da7b4ea
Comment
Certificate subject CN="Notepad++", O="Notepad++", L=Saint Cloud, S=Ile-de-France, C=FR
Certificate issuer CN=DigiCert SHA2 High Assurance Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Thumbprint
Unique ID data 9659849A76342C3DB71735F4C49449B29D453CA4
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
VMWare
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description VMWare
Rule unique identifier 5774d142-89c5-48ab-9d07-ff6216158a91
Comment
Certificate subject CN="VMware, Inc.", O="VMware, Inc.", L=Palo Alto, S=California, C=US
Certificate issuer CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US.verisign.com/rpa
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 32 of 40
WinGup for Notepad++
Property Value
Rule scope Publisher certificate
Rule type Whitelist
Description WinGup for Notepad++
Rule unique identifier f6c624bd-8c9a-467f-8797-08f088ace670
Comment
Certificate subject CN="Notepad++", O="Notepad++", L=Saint Cloud, S=Ile-de-France, C=FR
Certificate issuer CN=DigiCert SHA2 Assured ID Code Signing CA, OU= ,www.digicert.comO=DigiCert Inc, C=US
Certificate unique ID type Do not check
Executable description *
Executable version comparison Do not check
Template is active for NT-AUTORITÄT\Authentifizierte Benutzer
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Special rules
Automatic updates are being installed
Property Value
Rule scope Special condition
Rule type Whitelist
Description Automatic updates are being installed
Rule unique identifier 0a1a100c-734a-44d8-88f4-5ab38893c9f8
Comment
Rule is selected when Automatic updates are being installed
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Program file is part of .NET Framework
Property Value
Rule scope Special condition
Rule type Whitelist
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 33 of 40
Description Program file is part of .NET Framework
Rule unique identifier fd8145b5-bd6b-4d31-840e-2dce4f63d7dd
Comment
Rule is selected when Program file is part of .NET Framework
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Program file is part of DriveLock / DriveLock Disk Protection
Property Value
Rule scope Special condition
Rule type Whitelist
Description Program file is part of DriveLock / DriveLock Disk Protection
Rule unique identifier ff9d6c81-737e-4cd2-ba04-35ab7d8990f5
Comment
Rule is selected when Program file is part of DriveLock / DriveLock Disk Protection
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Program file is part of Windows operating system
Property Value
Rule scope Special condition
Rule type Whitelist
Description Program file is part of Windows operating system
Rule unique identifier 9932c258-a96e-40e8-b226-8687fd68ab6a
Comment
Rule is selected when Program file is part of Windows operating system
Include additional operating system add-ons Enabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Other rules
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 34 of 40
File name or path rules
AppData-Path
Property Value
Rule scope Path of executable
Rule type Whitelist
Description AppData-Path
Rule unique identifier c23c2450-c63b-48a7-95e2-301d6d57b727
Comment
Path c:\users\*\AppData\Local
Check for substring (directory or process name) Disabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
C:\Program Files\WindowsApps\
Property Value
Rule scope Path of executable
Rule type Whitelist
Description C:\Program Files\WindowsApps\
Rule unique identifier 283d7a13-0c3e-4510-895e-32b84d38c5a6
Comment
Path c:\Program Files\WindowsApps\
Check for substring (directory or process name) Enabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
UsoClient
Property Value
Rule scope Path of executable
Rule type Whitelist
Description UsoClient
Rule unique identifier 029b67e3-0786-44d3-af5c-0c46af4238ed
Comment Update Orchestrator Service / Part of Windows Update
Path c:\Windows\System32\UsoClient.exe
Check for substring (directory or process name) Disabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 35 of 40
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Windows Modules Installer
Property Value
Rule scope Path of executable
Rule type Whitelist
Description Windows Modules Installer
Rule unique identifier 32f2e2d5-2ac9-4d5d-89ac-a6620021a75d
Comment
Path c:\Windows\servicing\TrustedInstaller.exe
Check for substring (directory or process name) Disabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Windows Update Standalone Installer
Property Value
Rule scope Path of executable
Rule type Whitelist
Description Windows Update Standalone Installer
Rule unique identifier 4ca0504f-729c-4e84-ba07-b40fa28643ff
Comment
Path c:\Windows\System32\wusa.exe
Check for substring (directory or process name) Disabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
HostAppServiceUpdaterMetrics.exe
Property Value
Rule scope Path of executable
Rule type Whitelist
Description HostAppServiceUpdaterMetrics.exe
Rule unique identifier 24a88ace-1cad-475a-9c0f-c5c48a7b7dad
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 36 of 40
Comment
Path HostAppServiceUpdaterMetrics.exe
Check for substring (directory or process name) Enabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Speech Model Download Executable
Property Value
Rule scope Path of executable
Rule type Whitelist
Description Speech Model Download Executable
Rule unique identifier ac683d9c-1fcf-44c9-a3dc-efee02be222c
Comment
Path C:\Windows\System32\Speech_OneCore\common\SpeechModelDownload.exe
Check for substring (directory or process name) Disabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
WinBioPlugIns\FaceFodUninstaller.exe
Property Value
Rule scope Path of executable
Rule type Whitelist
Description WinBioPlugIns\FaceFodUninstaller.exe
Rule unique identifier 2b176199-17f2-4260-ae76-9c7b14dc9995
Comment
Path WinBioPlugIns\FaceFodUninstaller.exe
Check for substring (directory or process name) Enabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
\SpeechRuntime.exe
Property Value
Rule scope Path of executable
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 37 of 40
Rule type Whitelist
Description \SpeechRuntime.exe
Rule unique identifier 90642682-fe71-4e9f-8cf2-e2e828c73a86
Comment
Path System32\Speech_OneCore\common\SpeechRuntime.exe
Check for substring (directory or process name) Enabled
Template is active for Everyone
Computer exceptions Rule is active on any computer
Network exceptions Rule is active in any network location
Rule is active during selected hours No restriction (Any time)
Security awareness
Settings
Security awareness user interface settings
Property Value
Show new content... Once per week
Automatically show awareness information after a user logson
Disabled
Show content for ... seconds before allowingacknowledgement or other functions
Disabled
Allow users to page through available content Enabled
Show custom texts for acknowledging of campaign elements Disabled
Systems management
Settings
Hardware and software inventory
Property Value
Collection of inventory data Enabled
Collect device information Enabled
Collect drive information Enabled
Collect installed software information Enabled
Collect patch and hotfix information Enabled
Inventory starts Every 1 days
Start at fixed time Disabled
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 38 of 40
Client compliance reporting settings
Self-Service groups
Property Value
Description DriveLock Cloud Base
Comment
Rule unique identifier 33a3d20b-b388-4b73-9372-68091fd23176
Users able to manage computers NT-AUTORITÄT\Authentifizierte Benutzer
Computers manageable by users < Local computer >
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 39 of 40
Glossary
AD Active Directory
ALF Application Launch Filter
AV Anti-Virus
CSP Centrally Stored Policy
DB Data Base
DCC DriveLock Control Center
DES DriveLock Enterprise Service
DL DriveLock
DLV Extension for DriveLock Encrypted File-Containers (DriveLock Volume)
DMC DriveLock Management Console
FDE Full Disk Encryption
FFE File & Folder Encryption
MMC See DMC
MSSP Managed Security Service Provider
SecaaS Security as a Service
SOT Security Operations Team
VM Virtual Machine
VPN Virtual Private Network
CSP 10-Global-Base-Security
31-Mar-2020 12:03:21 / v.53© 2020 DriveLock SE. All rights reserved. Page 40 of 40
Copyright
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwisenoted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depictedherein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, orevent is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user.
© 2020 DriveLock SE. All rights reserved.
DriveLock and others are either registered trademarks or trademarks of DriveLock SE or its subsidiaries in the United States and/or othercountries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.