Views:

The Security Agent blocks all attempts to terminate the processes in the following table.

Process

Description

TmListen.exe

Receives commands and notifications from the Apex One server and facilitates communication from the Security Agent to the server

NTRtScan.exe

Performs Real-time, Scheduled, and Manual Scan on Security Agents

TmPfw.exe

Provides packet level firewall, network virus scanning, and intrusion detection capabilities

TMBMSRV.exe

Regulates access to external storage devices and prevents unauthorized changes to registry keys and processes

DSAgent.exe

Monitors the transmission of sensitive data and controls access to devices

PccNTMon.exe

This process is responsible for starting the Security Agent console

TmCCSF.exe

Performs Browser Exploit Prevention and memory scanning

The Security Agent can also protect against the addition of processes in the Microsoft Software Restriction Policies (SRP). Software Restriction Policies prevent the listed applications from running on the endpoint. To prevent the addition of Security Agent processes in the Software Restriction Policies list:

  1. Enable Protect Security Agent processes.

  2. Enable the Unauthorized Change Prevention Service.