Cisco Cisco Process Orchestrator 3.0 Installation Guide

The Data Execution Prevention (DEP) feature in Microsoft Windows is the recommended tool customers 
should use to secure their underlying hardware and operating system. 

Hardware-enforced DEP detects code that is running from these locations and raises an exception when 
execution occurs. Software-enforced DEP can help prevent malicious code from taking advantage of ex-
ception-handling mechanisms in Windows.

To enable the DEP

Choose Start > All Programs > Control Panel > System.

The System panel displays. 

Click Advanced system settings to continue. 

The System Properties dialog box displays. 

Under Performance, click Settings.

Click the Data Execution Prevention tab to continue. 

Check the Turn on DEP for all programs and services except those I select to select check box.

After adding the programs, click OK to complete.

This section describes the steps required to allow a hardened windows system using Microsoft Windows 
recommended hardening guidelines to properly run Cisco Process Orchestrator, as well as to make 
additional changes to Process Orchestrator to harden it's configuration. If your system has additional 
hardening steps further changes may be required to get Process Orchestrator to work.

For hardening Windows Server 2008, the Best Practices Analyzer (BPA) server management tool, which 
is installed by default on all editions of Windows Server 2008 R2, except the Server Core installation 
option, can be used. 

This server management tool helps administrators reduce best practice violations by scanning one or 
more roles that are installed on Windows Server 2008 R2, and reporting best practice violations to the 
administrator. 

For additional information on recommended Windows OS hardening guidelines, see