[FAQ] Lock-Down Mode

Started by fixer, October 22, 2018, 12:22:25 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

fixer

October 22, 2018, 12:22:25 PM
From help file:
QuoteWhen "Lock-Down Mode" is enabled, ReHIPS works silently without notification messages showing. ReHIPS blocks all unknown and untrusted programs according to its database and Protection mode.
Lock-Down Mode is really useful in some cases, but it should be used with care. Let's talk about it.

There are 2 main scenarios where Lock-Down Mode comes in really handy.

1. Time "windows" when ReHIPS Control Center isn't connected to Service. This includes "windows" when Windows starts or shuts down and ReHIPS Control Center hasn't yet started or already exited, maybe some really rare cases when Control Center crashes (that's definitely a bug and should be fixed, but we have to be ready for anything) or when remote connection (corporate editions support remote administration) is lost because of network issues. When ReHIPS Control Center isn't connected to Service, ReHIPS doesn't filter processes as without its main GUI it won't be able to ask user and silently blocking processes may not be a good idea. Unless Lock-Down Mode is enabled. In this case Lock-Down Mode without GUI is the best option.

2. Headless ReHIPS installation. This use-case scenario is more corporate than home user. For example it's useful in domain environments where administrator does all the installation and setup and ReHIPS provides high level of security working completely without GUI not to bother accountants or other employees with technicalities. Or for example it's perfect for computers with rarely changing set of programs like ATM, payment terminals, etc. In this case enabled Lock-Down Mode is really useful.

But make sure you know what you're doing before you enable this mode. If you have this mode enabled and some critical or important system process isn't allowed when you boot, your system may become unstable. Of course there is nothing irreversible, you can always boot in safe mode (ReHIPS doesn't automatically load in this mode allowing you to troubleshoot freely) or manually edit settings.xml file (even with notepad) setting this option to false thus disabling it. But it's always best to prevent than to fix the consequences. So double check everything before you enable this mode.

Umbra

#1
November 13, 2018, 03:11:46 AM
The best way to use Lockdown Mode is (on a obviously clean system), to restart the system in learning mode 2-3 times, then set Lockdown Mode.
Critical processes should be whitelisted then Lockdown mode shouldnt causes issues. Of course,  this should be done after every Windows umulative updates.
Print
Go Up Pages1
User actions