Avecto released Privilege Guard 2.0, which includes full integration with Active Directory Group Policy, enabling central configuration and managing of application privileges and implementation of least privilege.
Policies can be applied to both computer and user sections of Group Policy, with Active Directory ensuring that client computers are updated automatically at computer start up, user logon and during a background refresh.
Policy settings determine which applications should be elevated, and Privilege Guard adds administrative privileges to the process tokens of individual applications as they launch. The experience is seamless to the end user, and does not require the user or Privilege Guard to have access to an administrative account, as all elevated applications still run in the full context of the logged on user.
Privilege Guard Benefits
- Enables users to logon with standard user rights without compromising their ability to perform their job function
- Enables users to perform approved computer configuration tasks
- Restricts users to installing only authorized software
- Enables users to run legacy applications or any other applications that require administrative rights
Privilege Guard 2.0 includes experimental support for Microsoft Windows 7 and Windows Server 2008 R2 beta releases.