Overview
Block-IT is an access control system that allows administrators to increase the overall security, reliability, and integrity of
their Terminal Services environments. Block-IT includes two functional modules, namely, Block-IT (AAC) and Block-IT (HAC).
Block-IT (AAC)
Block-IT (AAC) is an application access control module through which administrators can restrict the users' access to program
executables. Block-IT (AAC) delivers the following advantages:
- Guards against application spoofing
- Fights against virus infections
- Prevents users from executing unauthorized programs
- Grants access to applications by time and day
- Locks down the Terminal Server
Block-IT (AAC) conducts a two-phase security check whenever a user starts a program. First, the full path of the
executable program is verified to ensure it is being loaded from its original installation location on disk. Second, the
authenticity of the program executable is verified by comparing its run-time hash (i.e., fingerprint) to the
original one stored in the management database. If either check fails, the user is simply denied access to the application
and an "access denial" message is displayed on the screen as (figure 1).
Figure 1 - If the user attempts to execute an unauthorized application, an "access denial" message is displayed on the screen.
Next: Block-IT - File Groups
