What are Trusted Groups and Trusted Users
For Application Allowlisting, CatchPulse makes use of Trusted Groups and Users who will have the rights to:
-
add new allowlist
-
modify the trust level of each program file
-
run any installation software that is trusted as an installer
-
modify CatchPulse settings
By default, Administrators are the default trusted group who are allowed to do anything on Windows. Likewise for CatchPulse which will work on every Windows machine. For enterprise users with several administrators, you can add specific administrators to the Trusted Users and remove Administrators from the Trusted Groups. This is to give rights to specific administrators instead of all the administrators.
One user can belong to a certain group, or it can belong to multiple groups.
For example, admin belongs to the Administrators and Users group. Sarah and Sophie each belong to the Administrators and Users groups, respectively.
As shown under the Trusted Groups tab, these are the default groups created by Windows.
As shown under the Trusted Users tab, you may specify the Windows users to have the rights to modify the allowlist and settings by entering the Windows User ID.
For Windows to boot up and run all the operating system files, it will log on as the System account in the background. Likewise, for Local Service and Network Service accounts, Windows must use these accounts to perform operating system tasks such as Windows Update.
Therefore, all these 3 accounts must be found in the Trusted Users list to allow Windows to add new allowlist and perform their tasks normally without being blocked by Application Allowlisting.
Note that when a non-trusted user account tries to execute a Trusted Installer application, the trust level will be automatically downgraded to Trusted Application during run-time (not permanent).
In addition, for non-trusted users, their CatchPulse is always in Lockdown mode, and they do not have permission to change the application's allowlisting modes.
Support and feedback
Should you encounter any issues using the SecureAge Central with any of the mentioned or missed requirements above, you can always write to us a docs@secureage.com.
This page was last updated: March 05, 2024