Enabling agent Self Protect on SCSP and SDCSS
search cancel

Enabling agent Self Protect on SCSP and SDCSS


Article ID: 162556


Updated On:


Critical System Protection Data Center Security Server Advanced Data Center Security Server


You only want to have self protect active on a DCS or CSP IPS policy and everything else disabled, so the agent cannot be removed or disabled while only using IDS



Use the targeted prevention policy below for Windows or Unix agents: 





In the Java console, edit the policy you want to use to only have Self Protection active

Click on Sandboxes


Then Click Edit on Default PSET Options [Default_ps]




Make sure the box is checked to Enable SDCSS Self Protection



You can uncheck all the boxes under File Rules and Process Access controls to disable any IPS block rules



Click on the Home tab on the upper left


On the main screen for the policy click Global Policy Options and check for any rules that are active and set to block, make sure you uncheck them to disable them



Once you checked the Global Policy Options go back to the main page to edit the policy and click on File Rules



Make sure none of the rules that are set to block access are unchecked

Now you can save the policy and apply it, this will work on both Windows targeted prevention policies and Unix targeted prevention policies

Please make sure to test the policy before applying it to production, to verify that the policy is working as intended