Configuration Manager: Simplifying Windows Configuration

Keeping Windows machines consistently configured across your network can be a challenge, especially when relying on traditional Group Policy Objects (GPOs) in Active Directory. GPOs can be complex to deploy, particularly across VPNs, due to site-specific considerations and differences between user and machine policies. ThreatLocker’s Configuration Manager simplifies this process, making it easier to deploy basic, essential policies that most organizations need—all managed from the same console.

ThreatLocker offers several built-in policies that enhance your security posture. For instance, you can enable more detailed local security logging, which is invaluable for troubleshooting and investigating security incidents. User logon reporting can also be enabled, a critical feature for both compliance and security. These logon/logoff events are stored in ThreatLocker’s reporting database, allowing you to view the data from a central location with ease.

Another key feature is the ability to disable downloaded Office macros—a threat that has seen a resurgence, particularly through phishing campaigns. With just a few clicks, you can disable these macros across your entire organization, protecting users from inadvertently running malicious code. These are just a few of the recommended policies that can help eliminate many common threats.

In addition to the built-in policies, you can create custom policies through an intuitive interface. This is particularly useful for mitigating zero-day vulnerabilities before patches are available. Often, when a zero-day is discovered, security experts provide configuration changes to minimize or mitigate the risk until a patch is released. ThreatLocker’s Configuration Manager allows you to quickly deploy these changes across all your endpoints. For example, when the Print Spooler vulnerability was active and unpatched, disabling the service was a critical protective measure that could be applied immediately.