Software Restriction Policies
Windows Software Restriction Policies (SRP) use rules to allow only specified software to run. For Illumina systems, SRP rules are based on certificates, file names, file extensions, and directories. Refer to the product documentation for your system for specific information on SRP.
By default, SRP is turned on to prevent unwanted software from running on the control computer. An IT representative or system administrator can add and remove rules to customize the security level. If the system is added to a domain, the local Group Policy Object (GPO) might automatically modify the rules and turn off SRP.
Turning off SRP prevents the protection that it provides and overrides default protections. Changing the rules overrides the default protections.
Add and remove SRP rules to customize system security. Modifying the rules requires turning off SRP temporarily.
For some Illumina instrument systems, for example the iSeq Sequencing System, only the administrator (sbsadmin) user can turn off SRP. The administrator account has the privileges necessary to modify SRP rules.
Add and Remove SRP Rules
|
1.
|
Log in to the operating system. |
|
2.
|
Turn off SRP as follows. |
|
a.
|
Navigate to the directory C:\Illumina\Security. |
|
b.
|
Double-click Disable.reg. |
|
c.
|
Select Yes to confirm the changes. |
When using a touch-screen interface, tapping and holding for about two seconds is equivalent to right‑clicking.
|
3.
|
Select Start, and then select Run. |
|
4.
|
In the Open field, enter secpol.msc. |
|
5.
|
In the Local Security Policy dialog box, expand Software Restriction Policies, and then select Additional Rules. |
|
6.
|
Add a rule as follows for files, file extensions, or directory paths. |
|
a.
|
On the Action menu, select New Path Rule. |
|
b.
|
In the Path field, enter the file name, file extension, or directory that you want to allow. |
You can also browse to the location.
|
c.
|
In the Security level list, select Unrestricted. |
|
d.
|
[Optional] In the Description field, enter a reason for creating the rule. |
|
e.
|
Select OK to add the rule. |
|
7.
|
Add a rule as follows for certificates that you have previously imported. |
|
a.
|
On the Action menu, select New Certificates Rule. |
|
b.
|
Browse to the certificate file that you imported |
|
c.
|
In the Security level list, select Unrestricted. |
|
d.
|
[Optional] In the Description field, enter a reason for creating the rule. |
|
e.
|
Select OK to add the rule. |
|
8.
|
Delete a rule as follows. |
|
a.
|
Select the rule that you want to delete, and then select Delete. |
|
b.
|
Select Yes to confirm the deletion. |
|
9.
|
Close the Local Security Policy dialog box. |
|
10.
|
Immediately reinstate SRP as follows. |
|
a.
|
Navigate to the directory C:\Illumina\Security. |
|
b.
|
Double-click Enable.reg. |
|
11.
|
If SRP rules were modified for the first time, log off and then log on again for the rules to take effect. |
