Tag Archive for 'security'

Security Software Compatibility

The table on this page lists all security software for Windows Server 2012 with notes about its installation and workings. If you have an application that is not yet on this list, ailment please submit it using the form below including information about whether it works and problems/workarounds if any.

2 > 

ApplicationWebsiteCompatibleIssuesFix
ApplicationWebsiteCompatibleIssuesFix
yes
no
no
no
no
no
no
11yes11
Avast 7 Freehttp://www.avast.com/en-us/indexyesHad to trick installerused Scimitar's trick at http://win2008workstation.com/forum/viewtopic.php?p=920
Avast 7 Freehttp://www.avast.com/en-us/indexno
Avast 8http://www.avast.com/en-us/indexyesHad to trick installerused Scimitar's trick at http://win2008workstation.com/forum/viewtopic.php?p=920
Avast 8www.google.comno
Avast for Businesshttps://www.avast.com/avast-for-businessyesSlow cloud based configuration management, certain add ons are not free, and potential privacy concerns.Freemium works OOB (tested on Windows Server 2012 R2)
Avast Free 2014http://www.avast.com/index-winnoEven with Scimitar's permissions trick applied to the registry, the installer is still able to determine that Windows Server is the OS and that it is Server 2012 specifically and refuses to install as a result.None Currently
AVG Internet Security 2013www.avg.comnoRefuses to install, serial key is not accepted. Scimitar's trick (Avast) is not working.none
Avira Free Antivirus 2013http://www.avira.com/en/avira-free-antivirusyesHad to trick installerExtract installer. Add setup.exe to Microsoft Application Verifier. Uncheck all tests except HighVersionLie. In HighVersionLie properties, set product type to 1. Then run setup.exe.
Avira Free Antivirus 2013http://www.avira.com/en/download/product/avira-free-antivirusyesTrick InstallerExtract installer. Add setup.exe to Microsoft Application Verifier, http://www.microsoft.com/en-us/download/details.aspx?id=20028 . Uncheck all tests except HighVersionLie. In HighVersionLie properties, set product type to 1. Then run setup.exe.
Avira Free Antivirus 2014http://www.avira.com/en/download/product/avira-free-antivirusyesTrick InstallerExtract installer. Add setup.exe to Microsoft Application Verifier, http://www.microsoft.com/en-us/download/details.aspx?id=20028 . Uncheck all tests except HighVersionLie. In HighVersionLie properties, set product type to 1. Then run setup.exe.
Baidu Antivirus 2013http://sd.baidu.com/en/noversion os is not supported
Bitdefender Antivirus Plus 2015http://www.bitdefender.com/solutions/antivirus.htmlyesSetup will not run on server OS.Run the original setup on Win 7 or 8 and it will download the actual installer. Check the installer location using taskmgr and copy the installer folder to your server. Run the installer on server OS.
Bitdefender freehttp://www.bitdefender.com/solutions/free.htmlyes
Comodo Firewall 6.3http://personalfirewall.comodo.com/noInstall fails.
Comodo Firewall 7https://www.comodo.com/home/internet-security/free-internet-security.phpyesRefuses to install on server OSExtract installer, find "cis_setup_x##.msi" and open with Orca (part of Windows 8 SDK, http://msdn.microsoft.com/en-US/windows/desktop/hh852363 ), browse to "LaunchCondition" and drop the condition with the description "COMODO Internet Security is not applicable for server OS", save and close Orca, install. Probably also works for older installers.
Comodo Firewall 7https://www.comodo.com/home/internet-security/free-internet-security.phpyes
Comodo Internet Securityhttp://www.comodo.com/home/internet-security/free-internet-security.phpyes
Comodo Internet Securityhttp://www.comodo.com/home/internet-security/free-internet-security.phpno
comodo internet security 6.1www.comodo.comyesinstall comodo internet security 6.0 and update to 6.1
Emsisoft Anti-Malwarehttp://www.emsisoft.com/en/software/antimalware/yes
ESET Endpoint Security / ESET Endpoint Antivirushttp://www.eset.com/us/business/eset-for-businessyesReboot after install (HIPS start work after reboot)
Eset Smart Security 6 RChttp://www.eset.com/de/beta/v6/yesWon't installUse workaround as described for Smart Security 4 in Windows Server 2008 R2

2 > 

Security Software lists of the previous editions of Windows Server:
# Windows Server 2008 R2
# Windows Server 2008

Security Application Submission

Internet Explorer Enhanced Security Configuration

By default, Windows Server 2012 protects against attacks via the browser by greatly limiting the browsers’ possibilities. This is useful for servers, however if you want to use it for normal web browsing, it is desired to turn this security feature off.

To turn this feature off, open the Server Manager, select Local Server in the left pane and click at the On link behind the IE Enhanced Configuration setting in the PROPERTIES section. Next, switch the setting to Off for both Administrators and Users to disable it for both user groups. Save the changed values by clicking OK.

Disable IE Enhanced Security

 

Continue to set performance for Applications…


Disable Shutdown Event Tracker

1. Open the Start screen and enter gpedit.msc to start searching applications. Click the found result to open the Local Group Policy Editor.
Search the Start screen for "gpedit.msc"

2. In the left pane in Computer Configuration expand Administrative Templates and click the System section. In the right pane search for the Display Shutdown Event Tracker policy.
Find the "Shutdown Event Tracker" policy

3. Open this policy, ampoule set its setting to Disabled and click OK.
Disable Shutdown Event Tracker

 

Continue to disable the Internet Explorer Enhanced Security feature


Disable Ctrl+Alt+Del Prompt

To disable the Ctrl+Alt+Del prompt at the logon screen, buy we will disable this security feature in the Local Security Policies.

1. Open the Start screen and click the Administrative Tools icon.
Administrative Tools at Start screen

2. In Administrative Tools folder, double click the Local Security Policy icon, expand Local Policies and click Security Options. In the right pane search and open Interactive logon: Do not require CTRL+ALT+DEL and choose Enabled. Save the policy change by clicking OK.
Disable CTRL+ALT+DEL in Local Security Policy Editor

 

Continue to disable password restrictions…