If you enable kernel mode interception, CA ControlMinder intercepts every impersonation request from all Windows processes. Kernel mode interception is not available on all supported Windows versions.
Note: For more information about the Windows versions for which kernel mode interception is not available, see the Release Notes.
An advantage of kernel mode interception is that it lets you protect every impersonation request that is made on a Windows computer.
The disadvantages of kernel mode interception include:
For example, RunAs, ftp, and telnet requests are all made by the NT AUTHORITY\SYSTEM user. If Tom executes RunAs to impersonate Administrator, the NT AUTHORITY\SYSTEM user makes the impersonation request and CA ControlMinder identifies NT AUTHORITY\SYSTEM as the requesting user.
Although CA ControlMinder caches impersonation requests, the authorization engine must still authorize many impersonation events.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|