Previous Topic: Disable Connections to IPv6 Addresses on Windows Server 2008 R2Next Topic: Unregister from CA Performance Center

Preparing Windows ServersConfigure Data Execution Prevention (DEP)

Configure Data Execution Prevention (DEP)

Data Execution Prevention (DEP) helps to prevent code execution from data pages. This topic describes how to configure the appropriate DEP policy level on a Windows Server 2008 R2 system.

A Windows Server 2003 system should have the appropriate setting enabled by default unless a different policy level is specified in an unattended installation. If the default OptIn DEP policy level has been overridden on your Windows Server 2003 system, consult the Microsoft support site for steps to restore the setting.

Required/Optional

Operating System

Servers to Configure

Required

Windows Server 2003, Windows Server 2008 R2

All servers

Follow these steps:

  1. Log in as a user who is a member of the Administrators group.
  2. Open the Control Panel and click the System link.
  3. Click the Advanced tab in the System Properties dialog that opens.
  4. Click Settings.
  5. Click the Data Execution Prevention tab in the Performance Options dialog that opens.
  6. Select "Turn on DEP for essential Windows programs and services only."
  7. Save your settings and exit:
    1. Click OK in the Performance Options dialog.

      Your settings are saved and the dialog closes.

    2. Click OK in the System Properties dialog.

      A message opens and informs you that you must restart your system to make the new settings take effect.

  8. (Optional) Restart your system before you install or upgrade the software.

    If you proceed with software installation or upgrade without restarting the system, the prerequisite test displays a warning about your DEP configuration.