Well-defined, limited-task systems are usually installed on hardware with small resources. Their network connections and the interactions that can be performed with them are also limited to the necessary minimum, even though even critically important transactions can be performed on such devices. That is why traditional end-point solutions cannot be used in the case of such systems either due to network bottleneck or because the lack of available resources.
For such devices, the solution may be based on system lockdown, which with a small resource application, deeply integrated into the system, determines which processes and resources can be accessed to the smallest detail according to the requirements of the Client, and cases of prohibition can also be defined. The Symantec Critical System Protection achieves this functionality.
The central management enables further fine-tuning of the enforced rules at the endpoints, the monitoring of the operation and possibly inappropriate intervention attempts, even on Windows, Linux or AIX bases, as well as in the case of operating systems such as for which security updates are no longer available or provided.