Novell ZENworks Endpoint Security Management 3.5 Manuale Utente
ZENworks® ESM 3.5
Administrator’s Manual
63
Override-Password Key Generator
Productivity interruptions that a user may experience due to restrictions to connectivity; disabled
software execution; or access to removable storage devices are likely caused by the security
policy the ZSC is enforcing. Changing locations or firewall settings will most often lift these
restrictions and restore the interrupted functionality. However, in some cases the restriction could
be implemented in such a way that they are restricted in all locations and/or all firewall settings,
or that the user is unable to make a location or firewall setting change.
software execution; or access to removable storage devices are likely caused by the security
policy the ZSC is enforcing. Changing locations or firewall settings will most often lift these
restrictions and restore the interrupted functionality. However, in some cases the restriction could
be implemented in such a way that they are restricted in all locations and/or all firewall settings,
or that the user is unable to make a location or firewall setting change.
When this occurs, the restrictions in the current policy can be lifted via a password override to
allow productivity until the policy can be modified. This feature allows an administrator to set up
password protected override for specified users and functionality, which temporarily permits the
necessary activities.
allow productivity until the policy can be modified. This feature allows an administrator to set up
password protected override for specified users and functionality, which temporarily permits the
necessary activities.
Password overrides disable the current security policy (restoring the default, All Open policy) for
a pre-defined period of time, once the time-limit has expired, the current or updated policy will be
restored. The password for a policy is set in the security policy's Global Rules settings.
a pre-defined period of time, once the time-limit has expired, the current or updated policy will be
restored. The password for a policy is set in the security policy's Global Rules settings.
Password override:
•
Overrides application blocking
•
Allows user to change locations
•
Allows user to change firewall settings
•
Overrides hardware control (thumb drivers, CDROM, etc.)
The password entered into the policy should NEVER be issued to an end-user. It is recommended
that the Override-Password Key Generator be used to generate a short-term-use key (see Figure
43).
that the Override-Password Key Generator be used to generate a short-term-use key (see Figure
43).
Figure 43 : Override Password Key Generator
To generate an override key, perform the following steps: