Simplify Lockdown in combination with Simplify Desktop, based on triCerat’s patent pending Day Zero® technology, makes it easy to deploy secure desktops and prevent unauthorized executables from running on your Terminal Server. Zero Day is a set of proactive technologies which monitors the server farm in real time.

Simplify Lockdown works through the use of a trusted list of applications. Each user will have a list of applications that they are allowed to run in their terminal session. Every process run by that user (including processes such as winlogon.exe and userinit.exe) is monitored and if the process is not explicitly defined in the user's trusted list, then it is blocked from running.

Process restriction can operate in one of four modes:

Trusted (White List):  This mode is the default and most restrictive.  No processes are allowed to run unless the administrator has assigned that executable to the owner’s White List.

Banned (Black List):  This mode is less restrictive than White List mode. All processes are allowed to run except for those that the administrator has assigned to the owner’s Black List.

Don’t use lockdown (Off):  Simplify Lockdown does not perform any process restriction at all.

Learning: This mode is intended to assist in configuration of the farm environment by recording data for every application run on the Terminal Server that can then be used to configure a comprehensive White List as well as Application Trust Lists. This mode does perform any restriction while collecting this data.