Re: ClearVirtual Mem PgFile Shutdown
- From: "Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx>
- Date: Wed, 18 Apr 2007 22:01:08 -0400
Let me be the first to encourage that setting to be not set (the default).
Why? Because the performance hit is horrendous. Horrible. Unlivable.
It's really bad.
Since it's a security setting, you'll need to consider the risk vs. the
performance tradeoff. Since it's to do with virtual memory, that means it
*can* have potentially transient classified information in it that has not
been overwritten. What I often find in companies that make this setting is
that they want this set to protect against issues where somebody comes
physically into contact with the machine and now wants to skim the page file
and pick up classified information. What I also find is that people that
have that level of sophistication are not plentiful. That is, people that
know how to get that information AND have physical possession of your
hardware are not readily available. What often makes me chuckle are the
companies that protect against this risk and yet have no classification
system for their information. Well, that means it's either all important
and should be protected or it's all unimportant and should be freely
available on the internet. If the former is the case, then do it right and
encrypt your harddrive. Don't half step it and hope that clearing the
virtual file will protect you at all. Is it a virus you're worried about?
Why? Why would a virus spend the time and bandwidth to collect your page
file (off-line) and send it the next time your online in order to try and
skim your data. I suppose it's possible, but risk vs reward...
When your users burn you in effigy and find little workarounds (like never
shutting down) remember this posting. Remember that you heard it here first.
;)
"al" <al@xxxxxxxxxxx> wrote in message
news:1176945641.240581.248630@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I am wondering what folks thing of enabling this GPO setting on
workstations (mobiles):
Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Shutdown: Clear virtual memory pagefile Disabled
I realize it would "speed" the startup and shutdown for mobile users
however, I am concerned about security. I have not seen this
"disabled" setting encouraged on any groups I've searched. I was just
wondering what folks thought and were implementing at their sites.
TIA
Al
.
- References:
- ClearVirtual Mem PgFile Shutdown
- From: al
- ClearVirtual Mem PgFile Shutdown
- Prev by Date: Re: Active Directory User Account Activity
- Next by Date: Re: ADFS and Certificate Services
- Previous by thread: ClearVirtual Mem PgFile Shutdown
- Next by thread: Re: ClearVirtual Mem PgFile Shutdown
- Index(es):
Loading
