Avecto Privilege Guard

Privilege Guard allows organizations to adopt the principle of least privilege by enabling users to run with standard rights and elevate individual applications based on policy settings. With Privilege Guard it is no longer necessary to assign admin rights to users, as these rights can now be assigned dynamically to applications, tasks and scripts. Privilege Guard enables users to log on with minimal rights and empowers them to perform their day to day role, without compromising the integrity and security of the standard desktop build.

  • Expand All
  • Collapse All

Privilege Guard Overview

Removing administrative rights for corporate users is a difficult problem to resolve for almost all organizations, making the deployment of locked down desktops a real challenge. The need for users to configure certain aspects of their computer configuration, run legacy applications and install authorized software are just some of the reasons why users often require excessive privileges.

Avecto Privilege Guard gives control back to the IT department by providing a solution that enables all users to run with standard rights. Policy settings determine which applications should be elevated, and Privilege Guard adds administrative privileges to the process tokens of individual applications as they launch. The experience is seamless to the end user, and does not require the user or Privilege Guard to have access to an administrative account, as all elevated applications still run in the full context of the logged on user.

Privilege Guard Benefits

  • Enables users to logon with standard user rights without compromising their ability to perform their job function
  • Enables users to perform approved computer configuration tasks, such as amending network settings, managing printers and changing the time
  • Restricts users to installing only authorized software
  • Enables users to run legacy applications or any other applications that require administrative rights
  • Works seamlessly with Windows Vista and eliminates unwanted UAC consent dialogs
  • Achieve desktop compliance set down by mandates such as Sarbanes Oxley and HIPAA

Privilege Guard Features

  • Configure policies for users and groups from Active Directory, domains or workgroups
  • Comprehensive application support for native executables and interpreted content:
    • Executables (exe)
    • Control panel applets (cpl)
    • Management console snap-ins (msc)
    • Windows installer packages (msi)
    • Windows Scripting Host scripts (vbs, js)
    • Batch files (bat)
    • Registry settings (reg)
    • PowerShell scripts (ps1)
  • Flexible and secure application identification options:
    • File path matching
    • Command line matching
    • File hashing (SHA-1)
    • Certificates
  • Application grouping to simplify policy configuration
  • Optional shell extension enables users to elevate selective applications on demand from the shell context menu
  • Auditing of all or selected application elevations
  • Fully customizable management console
  • XML based configuration for ease of deployment and troubleshooting

Privilege Guard Platforms

  • Windows XP
  • Windows Vista
  • Windows Server 2003 (including Terminal Services)
  • Windows Server 2008 (including Terminal Services)
  • Both 32-bit and 64-bit versions are available for all platforms

Copyright © Avecto 2008. All rights reserved | Privacy, Terms, Contact us, Site map, Avecto home

Talk to us

Please contact us to find out more about Avecto Privilege Guard.

Tel: +44 (0)161 848 5896
or click here to email us.