Compatibilité entre SES Evolution et les autres solutions de sécurité

Pour fonctionner correctement, les composants de SES Evolution doivent pouvoir accéder aux ressources listées ci-dessous.

Veuillez vous assurer qu'aucune autre solution de sécurité n'empêche l'accès à ces ressources sur les différentes machines sur lesquelles sont installés les composants.

Agent SES Evolution

Dossiers
%PROGRAMDATA%\Stormshield Endpoint Security Evolution Agent Diagnostic Result\
%PROGRAMDATA%\Stormshield\SES Evolution\Agent
%SYSTEMROOT%\System32\Drivers\SES Evolution
%PROGRAMFILES%\Stormshield\SES Evolution\Agent
Clés de registre
HKEY_CURRENT_USER\Software\Stormshield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\EsaGuardSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\EsaGuiSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\EsaUpdateSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\EsaGuardSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\EsaGuiSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\EsaUpdateSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaAccountCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaAnalyzerSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaAppIdSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaCollectorSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaCommSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaCoreDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaDeviceCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaDiagSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaExecCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaGuardDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaGuardSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaGuiSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaInjectDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaInjectSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaKeylogGuardDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaKrnlCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaLogSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaMemProtectDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaNetworkCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaPolicySvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaProbeDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaRulesEngDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaScriptSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUpdateDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUpdateSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUsbCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUsbCtrlSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaWirelessCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaWirelessCtrlSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System
HKEY_LOCAL_MACHINE\Software\Classes\Software\Stormshield\SES Evolution\Agent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Agent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ExcludedApplications

Sous cette clé, les valeurs suivantes sont relatives à l'agent SES Evolution :

  • EsAnalyzer.exe

  • EsAppId.exe

  • EsCollector.exe

  • EsComm.exe

  • EsDiagSrv.exe

  • EsGuard.exe

  • EsGui.exe

  • EsGuiSrv.exe

  • EsInject.exe

  • EsInjectWow64Host.exe

  • EsLog.exe

  • EsNotificationHost.exe

  • EsNotify.exe

  • EsPolicy.exe

  • EsScript.exe

  • EsScriptHost.exe

  • EsSetup.exe

  • EsSetupWorker.exe

  • EsUpdate.exe

  • EsUpdateHost.exe

  • EsUsbCtrl.exe

  • EsWirelessCtrl.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug\AutoExclusionList

Voir la listes des valeurs relatives à l'agent SES Evolution ci-dessus.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps

Voir la listes des valeurs relatives à l'agent SES Evolution ci-dessus.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SOFTWARE\Stormshield\SES Evolution
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WlanSvc\Parameters\WlanAPIPermissions
HKEY_USERS\Environment
HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Console

Dossiers
%PROGRAMDATA%\Stormshield\SES Evolution\Console\
%PROGRAMFILES%\Stormshield\SES Evolution\Console\
%APPDATA%\EsConsole\
%TEMP%\EsInstaller\
Clés de registre
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EscConsoleUpdateSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Stormshield\SES Evolution\Console
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Console

Serveur backend

Dossiers
%PROGRAMDATA%\Stormshield\SES Evolution\Backend\
%PROGRAMFILES%\Stormshield\SES Evolution\Backend\
%SYSTEMROOT%\System32\inetsrv\Config\
%TEMP%\EsInstaller\
Clés de registre
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsrBackendUpdateSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Stormshield\SES Evolution\Backend
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Backend

Gestionnaire d'agents

Dossiers
%PROGRAMDATA%\Stormshield\SES Evolution\Server\log
%PROGRAMDATA%\Stormshield\SES Evolution\Server\AgentLogs
%PROGRAMFILES%\Stormshield\SES Evolution\Server\
%SYSTEMROOT%\ServiceProfiles\LocalService\AppData\Local\Temp\EsServer\
%TEMP%\EsInstaller\
Clés de registre
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Endpoint Security Server Performance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsrCoreSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsrServerUpdateSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Stormshield\SES Evolution\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Server