Andy Ful

Level 64
Verified
Trusted
Content Creator
Hello

If I have windows defender with hard configurator set for max or high ,need something else like OSA?

Regards
If you are using Windows 10 with the H_C Recommended Settings + ConfigureDefender set to HIGH and FirewallHardening (rules for H_C), then adding something else is not necessary. You should rather focus on the security of your web browser and router.

If you want to experiment with even stronger protection (not recommended) you can use the predefined profiles:
  1. Windows_10_Strict_Recommended_Settings.hdc
    It will require some manual updates, more whitelisting, and inspecting the H_C Logs from time to time.
  2. Windows_10_Strict_Recommended_Enhanced.hdc
    It will require more activities from point 1.
  3. Windows_10_NoElevationSUA_Enhanced
    The same as in point 2, but locks the Standard User Account so the installation of new applications and software updates has to be made on Admin account.
Experimenting with 3rd party security software and H_C will probably cause higher blood pressure without improving your computer security.:)(y)
It is better to skip H_C and experiment without it.
 

Andy Ful

Level 64
Verified
Trusted
Content Creator
@KonradPL,
Securing Windows OS too much is no go method. It would be like keeping the child under strict parents' protection all the time. It is not possible. If the parents want to increase child safety, then they have to learn children how to cross the street, do not play with fire, etc.
So, AV + H_C is like parents' protection of children. But, when the children learn the H_C protection can be decreased (that is why H_C has several setting profiles).
The final proportions should be distributed among:
standard AV + basic restrictions + some knowledge + safe habits.
 
Last edited:

ErzCrz

Level 7
Verified
I use H_C to pretty much protect me from myself really by use of the Default Deny approach which is why I'm a Comodo fan but switched to H_C some time ago now as I opted for OS built-in default deny rather than third party. Seems to be working all fine for me though I'm not one to often download something dodgy.
 

Gandalf_The_Grey

Level 36
Verified
Trusted
Content Creator
If you are using Windows 10 with the H_C Recommended Settings + ConfigureDefender set to HIGH and FirewallHardening (rules for H_C), then adding something else is not necessary. You should rather focus on the security of your web browser and router.

If you want to experiment with even stronger protection (not recommended) you can use the predefined profiles:
  1. Windows_10_Strict_Recommended_Settings.hdc
    It will require some manual updates, more whitelisting, and inspecting the H_C Logs from time to time.
  2. Windows_10_Strict_Recommended_Enhanced.hdc
    It will require more activities from point 1.
  3. Windows_10_NoElevationSUA_Enhanced
    The same as in point 2, but locks the Standard User Account so the installation of new applications and software updates has to be made on Admin account.
Experimenting with 3rd party security software and H_C will probably cause higher blood pressure without improving your computer security.:)(y)
It is better to skip H_C and experiment without it.
Are the FirewallHardening rules really needed with H_C Recommended Settings + ConfigureDefender set to HIGH?
 

Andy Ful

Level 64
Verified
Trusted
Content Creator
Are the FirewallHardening rules really needed with H_C Recommended Settings + ConfigureDefender set to HIGH?
Probably not needed, but they are almost invisible to the user (the rules for H_C, not all LOLBins). So, why not use them? For example, they can be useful when someone will ignore SmartScreen.

Edit.
The FirewallHardening idea is similar to disabling SMB or Windows remote features. If something can be used by the malc0ders and is not needed by the user, then it is reasonable to disable/block it.
 
Last edited:

shmu26

Level 85
Verified
Trusted
Content Creator
Guys thanks you all for replies. i`ll stay with WD i H_C :)
With H_C, as well as all other advanced security solutions, your security ultimately depends on your own decisions. Most of us ocassionally encounter something that H_C blocked, or Smartscreen recommended against, yet we know it's safe, and we allow it to run. It could be something as simple and innocuous as a Zoom update. So you can't get away from it, you need to be educated in safe user habits or you eventually will shoot yourself in the foot.
 
Top