Latest changes
Oct 18, 2020
Daily driver
My primary device
Operating system
Windows 10 Pro
OS version
20H2
System type
64-bit operating system; x64-based processor
Security updates
Automatically allow security and feature updates
Windows UAC
Always notify
Firewall protection
Custom - Provided by a third-party security vendor
Account privileges
Standard account
Account type
Sign in with local account
Account log-in
  1. Account Password
Exposure to malware
No malware samples are downloaded
Real-time Malware protection
McAfee Endpoint Security
RTP configuration
See above
Periodic scanners
No periodic scanners needed, due to system hardening via policies
Browser and Add-ons
McAfee Web Filter
Privacy tools and VPN
McAfee VPN powered by Tunnel Bear
Password manager
McAfee True Key
Search engine
Google
Maintenance tools
Windows built-in
Photos and Files backup
Acronis True Image 2021
File Backup schedule
Automatically sync to the cloud
Backup and Restore
Not used
Backup schedule
No system backups
Computer Activity
  1. Online banking
  2. Office and other work-related software (Work from Home)
  3. Learning computer languages or creating apps
Computer Specifications
CPU: Genuine Intel Core i7 1065g7 @ 3.9 GhZ
GPU: Intel Iris Plus Graphics
RAM: 8 Gb DDR4
512 Gb PCIE NVME Storage

McMcbrad

Level 1
Now this is the configuration for my primary device, which I use ONLY for work (software development, office apps, IT administration, etc.)

This device is protected by McAfee Endpoint Security.

For those of you who haven’t used McAfee Endpoint, it is a solution that comes with 4 modules:
  • Standard Antivirus, which unlike the home version of McAfee is jam-packed with settings and the cloud has 5 aggressiveness settings. This module also includes Exploit Prevention, which uses a large set of rules to block online and offline intrusions.E.g. block WMI calls from Microsoft Office
  • Firewall, which operates without creating rules. It also blocks connection based on IP reputation and can be configured in a sort of “default-deny” way, where all unverified addresses and sites are blocked.
  • Web Filter, which is basically corporate SiteAdvisor, which also has level of aggression and can be configured to block all unverified sites.
  • And most important - Advanced Threat Protection - this is Real Protect Cloud, Real Protect Local and Dynamic Application containment. Real Protect Local is sort of “data miner” scanning pre-execution, Real Protect Cloud is the true behavioural blocker. Dynamic Application Containment is not too different from the Comodo Sandbox. It’s got a set of rules which are applied to every isolated program and can be configured.

Because it’s a complicated solution to deploy and manage, I will not be including changes made to the RTP config bellow, as these are a lot. Anyone wishing to obtain information on how I’ve configured it can cont
 
Last edited:
Top