Advanced Plus Security joyous home PC Config 2020

Last updated
Jun 18, 2020
How it's used?
For home and private use
Operating system
Windows 11
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Symantec Endpoint Protection 14.3 managed by Symantec Endpoint Manager. AdGuard desktop. NextDNS.
Firewall security
About custom security
Custom virus and spyware protection (maxed out), proactive protection (SONAR in aggressive mode), deception policies and firewall with max security settings. Installation from external devices is prevented by using device control. Exploit mitigation uses prevention of running scripts in docx files and pdf files. IPv6 traffic is blocked. Only selected applications' outbound traffic is allowed. Firewall is set to detect changes in applications and to report for re-allowing traffic.
Periodic malware scanners
Norton Power Eraser, EEK, HitmanPro.
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox, Chrome, Brave, Edge Chromium with AdGuard, Malwarebytes Browser Guard, LastPass and AdGuard VPN
Maintenance tools
Reg Organizer. Kerish Doctor.
File and Photo backup
Windows base image backup on two external HDDs, Macrium Reflect incremental backup. Important data is also on Google Drive and OneDrive as a password-protected zip file with 256-bit encryption.
System recovery
Windows base image backup on two external HDDs, Macrium Reflect incremental backup
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
Computer specs
AMD Ryzen 5 3600.
Asus X570 TUF Gaming Mobo.
Silicon Power 256GB NVMe PCIe Gen3 M.2 SSD as boot drive.
2x 2TB Toshiba 7200 rpm HDD.
Corsair Vengeance LPX 32GB (16GBx2) 3200MHz DDR4.
ZOTAC GAMING GeForce GTX 1660 SUPER.
Notable changes
1. Removed F-Secure SAFE (it was going to expire).
Edit:
1. User Access Control changed to "always notify".
2. Added "WPD" to control Windows privacy settings.
3. Added Malwarebytes Browser Guard.
4. Added Firefox with NextDNS DoH enabled.
5. Added NextDNS.
6. Updated Windows to version 2004.
7. Added one more 16GB RAM stick (now running in dual-channel mode).
8. Removed YogaDNS app. Now running NextDNS in DoH mode on the MikroTik hAP AC router.

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
I am extremely thankful to @Vitali-ortzi for suggesting SEP to me and also for helping me out with the configuration of SEP Manager. I use an admin account since no one else uses this PC.
Let's start by saying this is not your average security configuration.
Rather, it is one of the best configurations in this forum!

I'm very proud that you decided to set up quality policies even including Deception(honeypots).

If I was an attacker I would ##### my pants right now 😂.

About improvements,
no way it's minor changes for increased security.
Change it to major.
And make an exclusion to your programs (fingerprint hash).

Import rules from H_C firewall hardening as well in case you haven't already.
Set client control if some options are presented in a gray color in the SEP client GUI.

Anyway, I hope you upload a few screenshots of your policies in case someone is interested.
 
Last edited:

Brahman

Level 16
Thread author
Verified
Top Poster
Well-known
Aug 22, 2013
799
Some of my settings.
Application device control policy.jpg
deception policies.jpg
Download protection.jpg
firewall set to user control for most settings.jpg
How to give control to client for firewall settings alone.jpg
Virus and spyware protection set to high.jpg
 

Attachments

  • firewall rules.jpg
Last edited:

Brahman

And make an exclusion to your programs (fingerprint hash).
If I make a fingerprint list using "checksum.exe" and import the same to SEPM for whitelisting in system lockdown, upon updating an app, say chrome.exe, will the fingerprint of that app change? If it changes, do I need to redo the whole fingerprinting again and import it....
 

Vitali Ortzi

If I make a fingerprint list using "checksum.exe" and import the same to SEPM for whitelisting in system lockdown, upon updating an app, say chrome.exe, will the fingerprint of that app change? If it changes, do I need to redo the whole fingerprinting again and import it....
Any modification to an application/file changes the hash.
System lockdown is too aggressive for almost any kind of usage.
I personally use it only on office/banking-exclusive computers.
In case you want system lockdown, watch this first
And always set test mode for two weeks, only then production, in any policy change you make.
 
Last edited:
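What the answer above means in practice, as an added example that is not part of the original posts and is not Symantec's tooling: the PowerShell below hashes the executables in a folder, simulates an update, and lists which entries of a hash-based allowlist would have to be regenerated and re-imported. It uses the built-in Get-FileHash with SHA-256 rather than checksum.exe; the folder, the file names and the two function names are constructed for the demo.

```powershell
# Added example. Folder, file names and contents are constructed for the demo.
function Get-FingerprintList {
    param([Parameter(Mandatory)][string]$Root)
    # Map full path -> SHA-256 for every .exe/.dll under $Root.
    $list = @{}
    Get-ChildItem -LiteralPath $Root -Recurse -File |
        Where-Object { $_.Extension -in '.exe', '.dll' } |
        ForEach-Object {
            $list[$_.FullName] = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    $list
}

function Compare-FingerprintList {
    param([hashtable]$Baseline, [hashtable]$Current)
    # Entries that a hash-based allowlist built from $Baseline no longer covers.
    foreach ($path in $Current.Keys) {
        if (-not $Baseline.ContainsKey($path)) {
            [pscustomobject]@{ Status = 'New'; Path = $path }
        } elseif ($Baseline[$path] -ne $Current[$path]) {
            [pscustomobject]@{ Status = 'Changed'; Path = $path }
        }
    }
    # Stale entries that can be dropped from the allowlist.
    foreach ($path in $Baseline.Keys) {
        if (-not $Current.ContainsKey($path)) {
            [pscustomobject]@{ Status = 'Removed'; Path = $path }
        }
    }
}

# Constructed stand-in for an application folder before an update.
$app = Join-Path ([IO.Path]::GetTempPath()) ('fpdemo_' + [guid]::NewGuid().ToString('N'))
New-Item -ItemType Directory -Path $app | Out-Null
Set-Content -LiteralPath (Join-Path $app 'browser.exe') -Value 'build 1'
Set-Content -LiteralPath (Join-Path $app 'helper.dll')  -Value 'unchanged'
$baseline = Get-FingerprintList -Root $app

# Simulated update: one binary is replaced and one new binary is dropped in.
Set-Content -LiteralPath (Join-Path $app 'browser.exe') -Value 'build 2'
Set-Content -LiteralPath (Join-Path $app 'updater.exe') -Value 'new file'
$current = Get-FingerprintList -Root $app

Compare-FingerprintList -Baseline $baseline -Current $current |
    Sort-Object Path | Format-Table -AutoSize
Remove-Item -LiteralPath $app -Recurse -Force
```

Only the files reported as New or Changed need fresh fingerprints after an update; entries for untouched files in the existing list stay valid.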

Vitali Ortzi

Any modification to an application/file changes the hash.
System lockdown is too aggressive for almost any kind of usage.
I personally use it only on office/banking-exclusive computers.
In case you want system lockdown, watch this first
And always set test mode for two weeks, only then production, in any policy change you make.

And yes, I'm sorry if the so-called "premium support" of the leading company in the industry has a ##### microphone and mediocre explanation.
 

Brahman

Why does this PC have only one stick of RAM?
Dual channel has best performance.
Ya I know, financial trouble my brother... at the time of buying. I spent a lot of money on PreSonus Eris 4.5 powered bookshelf speakers and also on an 8" Blaupunkt subwoofer (I don't regret either). I thought I would add one more stick when I have the extra money to spare (but times have now changed; this corona thing has caused memory prices to skyrocket. Everything is 40 to 50% pricier. I am waiting for the prices to drop to some sane levels).
IMG_20200530_205348.jpg
IMG_20200530_205653.jpg
 
Last edited:

Nagisa

Level 7
Verified
Jul 19, 2018
341
Hey, I think that the 'Download Insight' feature is useless (at such a high level), unless you are sharing your computer with somebody who is a happy clicker. At higher settings, all it does is move less reputable files to quarantine automatically. At lower settings, you decide yourself whether you want to keep that file or not. Kind of like dynamic lockdown.
 

Vitali Ortzi

Hey, I think that the 'Download Insight' feature is useless (at such a high level), unless you are sharing your computer with somebody who is a happy clicker. At higher settings, all it does is move less reputable files to quarantine automatically. At lower settings, you decide yourself whether you want to keep that file or not. Kind of like dynamic lockdown.
It's fine as long as he downloads only very popular software.
 

Brahman

Hey, I think that the 'Download Insight' feature is useless (at such a high level), unless you are sharing your computer with somebody who is a happy clicker. At higher settings, all it does is move less reputable files to quarantine automatically. At lower settings, you decide yourself whether you want to keep that file or not. Kind of like dynamic lockdown.
Till now it hasn't quarantined anything on my PC except an EICAR test file. I am keeping it as a test run to see how it performs....
 
