Configuring Behavior Monitoring Settings

Security Agents constantly monitor endpoints for unusual modifications to the operating system or on installed software. Administrators (or users) can create exception lists that allow certain programs to start while violating a monitored change, or completely block certain programs. In addition, programs with a valid digital signature are always allowed to start.

Another feature of Behavior Monitoring is to protect EXE and DLL files from being deleted or modified. Users with this privilege can protect specific folders. In addition, users can select to collectively protect all Intuit QuickBooks programs.

Note:

Administrators may deny access to this feature.

  1. Click the Settings button () on the main console.
  2. On the Protection tab, select Behavior Monitoring from the drop-down menu.
  3. Configure the exception list by browsing to the location of a program, clicking Add, and then choosing to approve or block the program. Repeat this step until all the programs have been added. Approved programs can be started even if they violate a monitored change, while blocked programs can never be started.
  4. Check the status of Intuit QuickBooks Protection. Behavior Monitoring must be enabled for this sub-feature to work.

    This feature protects all Intuit QuickBooks files and folders from unauthorized changes by other programs. Enabling this feature will not affect changes made from within Intuit QuickBooks programs, but will only prevent changes to the files from other unauthorized applications.

    The following products are supported:

    • QuickBooks Simple Start

    • QuickBooks Pro

    • QuickBooks Premier

    • QuickBooks Online

    Note:

    All Intuit executable files have a digital signature and updates to these files will not be blocked. If other programs try to change the Intuit binary file, the Agent displays a message with the name of the program that is attempting to update the binary files. Other programs can be allowed to update Intuit files. To do this, add the required program to the Behavior Monitoring Exception List on the Agent. Remember to remove the program from the exception list after the update.

  5. Click OK.
Parent topic: Customizable Settings