Configure Windows Security Settings

Controls the behavior of Windows Firewall, Remote Desktop, AutoRun, etc., configured on the system. Supports various Windows security settings such as time synchronization, guest account restrictions, and power management.

  • Prevents RID hijacking (an attack that elevates guest account privileges) through guest account locking.
  • Attacks that attempt brute-force passwords against the RDP (Remote Desktop) protocol.
  1. Go to Policy in the top menu.
  2. In the left Policy menu, go to Policy > Node Policy > Node Action.
  3. In the Node Action management window, find and click Windows Security Settings.

The Basic Settings are below.

  1. For CWP Message, add a message to display according to the policy.
  2. For Label, adding a label allows you to categorize the plugin with a custom label displayed in the "Description" input field.

Configure the Action Execution Settings below.

  1. Set Guest Account Lock to On to disable the guest account.
  2. Select Force Use in Windows Firewall to enable Windows Firewall settings.
  3. Select Disable in Remote Desktop to disable Remote Desktop usage. (e.g., media, external devices, others)
  4. Select Disable in Recovery Console Auto Logon to disable allowing automatic administrative logon for the recovery console.
  5. Select Disable in AutoRun to disable autorun for external devices.
  6. Select Force Use in Time Synchronization Server to apply time synchronization with the NTP (Network Time Protocol) server. Enter the Time Synchronization Server Address and Synchronization Cycle.
  7. Select Force Use in Password Protection on Resume from Sleep to apply password protection settings on resume from sleep. (Ensures password input appears from a logged-off state when resuming from sleep)
  8. In Turn on Fast Startup, set the fast startup option for power button behavior. (Windows 8 or later)
  9. In Windows XP Scheduled Tasks, set Disable to control only scheduled tasks for Windows XP.
  10. Click the Modify button.
  11. In the left Policy menu, go to Node Policy.
  12. In the Node Policy window, click Default Policy.
  13. Find Node Action Settings and click the Assign button.
  14. In the Available items, find Windows Security Settings and drag it to the Selected items.
  15. Click the Add button.
  16. Click the Modify button.