How to Create and Manage Registry Groups

Release Time
06/06/2018
Views
227 times
Category
ITSM Features
Tags


Summary:

  • A registry group is a set of important registry keys which belong to a particular category. For example, 'Internet Explorer Keys' and 'Automatic Startup Keys'.

  • You can use registry groups as target variables in a configuration profile. For example, you could specify a group as an exclusion to a containment rule, or choose to protect an entire group with HIPS.

  • ITSM ships with a set of pre-defined registry groups and allows you to create your own.

 

Open the registry group interface

  • Login to C1

  • Click ‘Applications’ > ‘IT and Security Manager’

  • Click 'Settings' > 'System Templates'

  • Click the 'Registry Variables' tab

  • The interface shows a list of existing registry groups. 'Default' groups cannot be edited or deleted.

Add a new registry group

  • Enter the name of the new Registry Group in the 'New Registry Group' field

  • Click the '+' button

  • Click the group name in the list

  • Enter the path of the registry key/value in the field provided

  • Click 'Add' to add the key to the group

  • Repeat the process to add more keys and values to the group.

 

Example # 1: Do not virtualize access to a certain registry group

  • Open ITSM > Click 'Configuration Templates' > 'Profiles'
     
  • Click the name of the profile you want to work on to open its details page
     
  • Click 'Add Profile Section' > 'Containment' (...or open the 'Containment' section if you have already added it).

  • Click 'Containment' > 'Settings'

  • Enable 'Do not virtualize to the specified registry keys/ values', then click 'Exclusions'

  • Click the 'Add' button > 'Registry Groups'

  • Choose the group you wish to exclude

  • Click 'OK' to apply your settings

Example # 2: Protect a registry group with HIPS

  • Open ITSM > Click 'Configuration Templates' > 'Profiles'

  • Click the name of the profile you want to work on to open its details page

  • Click 'Add Profile Section' > 'HIPS' (...or open the 'HIPS' section if you have already added it).

 

 

  • Click the 'Protected Objects' tab

    • Show - select 'Registry keys'

    • By - select 'Group List'

  • Click the 'Add Registry Group' button then select the group you want to protect

  • Click 'Save' to apply your changes.