ProcessGuard Suggestions / Wish list

Re: Process Guard Suggestions / Wish list

Somesort of lifetime membership to PG for a certain price would be nice

 

Re: Process Guard Suggestions / Wish list

This is a great product, however, some of my script commands execute _8-9_TIMES_MORE_SLOWLY_ when 'Execution Protection' is enabled

Quick Fix: Allow individual program files (or trusted directories) that do not undergo hash code checks. The user, of course, assumes full responsibility for their safety.

A more robust approach might use API functions like FindFirstChangeNotification() and WaitForMultipleObjects() to implement multi-threaded logic that says, "I've already checked 'c:\fastExec\util.exe' and since then, nothing has been written to that directory, therefore I do not need to check it again".

Thanks for asking!

 

Re: Process Guard Suggestions / Wish list

An option to receive critical notifications via popup windows. My Taskbar uses "Auto Hide" and the PG icon isn't normally visible.

 

Re: Process Guard Suggestions / Wish list

an option to implement our AV/AT to scan some new exes would be perfect. or an automatic detection of tds3/4 would this suite rock my world.

I think this should be considered...

 

Re: Process Guard Suggestions / Wish list

How about an option for off-host logging for use in an Enterprise (or small business)
Just the ability to have centralised logging would do, most places already have something to collate/act/report on what is gathered
For off-host (or eventlog) logging it would probably make sense to have an option to only report exceptions (ie: exclude the "was allowed to start" messages)

For those of us that run networks that include Unix boxes it would be good to have syslog style logging to one (or more) servers

Presumably for windows admins they would be looking for things to be appearing in the local event log. There are bound to be methods for monitoring that given that most windows things end up in there.

Another fairly generic way of messaging might be to perform a GET to a specified webserver and pass the logging arguments as parameters, that way a central app could intercept the url and parse it and do whatever... this would be useful in smaller environments seeing as most tech staff can start up a webserver and write some php or asp code to handle the incoming events

I'm thinking about this potentially being useful in environments with 100+ client PC's that you might want to protect. In environments like this PC's are often locked down so writing logs in sudirectories of the install directory would be frowned upon, not to mention never looked at. Any log directory should be configurable with the ability to turn persistent local disk logging off if desired

Management like to have centralised logging and alerting, and IT support staff like being able to roll things out with standardised configs....

Having the ability to install PG with an initial profile (completely hands off) and leave it in learning mode for the 2 reboots (as required for it to work) presents an interesting challenge.

Of course while the program doesn't support export/import of settings and profiles it isn't really an issue as the "initial profile" aspect of the install would have to be left out. This would be a pity because we could distribute the tool preconfigured to lockdown a few of the more important programs...

Rather than repeating them, my other comments about profiles are in the thread below, they were more in the context of a small business rather than an enterprise... https://www.wilderssecurity.com/showthread.php?p=289659#post289659

 

Re: Process Guard Suggestions / Wish list

One thing I'd love to see is an Install Mode or something similar. I always have to disable PG completely if I install or remove anything. Maybe a button or option to click 'run this app in install mode' would be cool.

Sorry if this has been mentioned, I didn't read this whole thread.

 

Re: Process Guard Suggestions / Wish list

I would like the learning mode to apply to everything PG protects and I also think an install mode is needed. Something else I would like is the ability to not use no skin at all. The skin that comes with it is nice and all, but I feel that it should be optional. One more thing... I think there should be seperate check boxes for Blocking new/changed applications.

 

Re: Process Guard Suggestions / Wish list

We will start a new wish list thread for the next version features you guys want. This one will be closed so take any of the newer requests you had to the new thread.