Configuring security against protection tampering

To prevent unauthorized users from disabling the protection, Panda Adaptive Defense 360 enables you to set these limitations for the uninstallation and configuration of the security software on user computers:

• Set a first authentication factor (based on a password) to configure, disable, or uninstall the security software from the computer.

• Set a second authentication factor (based on a QR code) to configure, disable, or uninstall the security software from the computer. To use the second authentication factor, you must:

  • Have access to a smartphone or tablet with a built-in camera.

  • Download the WatchGuard AuthPoint app (or another authenticator app) for free from:

    • iOS: https://apps.apple.com/app/watchguard-authpoint/id1335115425

    • Android: https://play.google.com/store/apps/details?id=com.watchguard.authpoint

• Enable anti-tamper protection: Many advanced threats use techniques for disabling the security software installed on computers. Anti-tamper protection prevents tampering of the security software operation by enabling you to configure a password that prevents the software from being stopped, paused, or uninstalled.

• Enable protection when the computer starts in Safe Mode: Some types of malware force Windows computers to restart in Safe Mode with networking enabled. In this mode, antivirus is automatically disabled and computers are vulnerable. You can configure Panda Adaptive Defense 360 to protect computers when they start in Safe Mode with networking enabled, so that all configured protections remain active and working normally.

If a computer loses its license because it is manually removed or because it expires or is canceled, the anti-tamper protection and password-based uninstallation protection are disabled.

To configure security against tampering:

• From the top menu, select Settings. From the side menu, select Per-computer settings.

• Select an existing settings profile, or click Add to create a new profile.

• Select Security against unauthorized protection tampering:

• To Request password to uninstall the protection from computers, enable the toggle. In the Password required to perform advanced management tasks locally from your computers text box, type a password that is between 6 and 15 characters in length.

• To Allow the protections to be temporarily enabled/disabled from the computers' local console, enable the toggle. In the Password required to perform advanced management tasks locally from your computers text box, type a password that is between 6 and 15 characters in length.

• To Enable Anti-Tamper protection (prevents users and certain types of malware from stopping the protections), enable the toggle. In the Password required to perform advanced management tasks locally from your computers text box, type a password that is between 6 and 15 characters in length.

• To Enable protection when Windows computers start in Safe Mode, enable the toggle. The protection starts working when a computer starts in Safe Mode with networking.

• To enable the second authentication factor, see Enabling two-factor authentication (2FA).

Enabling two-factor authentication (2FA)

Generally, the security software is protected against tampering from third parties through a single password mechanism. Nevertheless, you can add an additional authentication factor for the security software. This additional authentication factor is obtained through a QR code generated in the console and which must be imported to the AuthPoint app or another app that generates authentication tokens.

To generate the QR code, Panda Adaptive Defense 360 requires a keyword. Each keyword generates a specific QR code.

After you enable two-factor authentication in a Per-computer settings profile, and the authenticator app reads the QR code, the administrator must provide both the password set in the console and the token generated by the authenticator app to uninstall the agent or change its settings.

Depending on the number of administrators who use the console, you can generate a single QR code for the entire account or multiple different codes. You can share a QR code to all Per-computer settings profiles in the account, to some profiles only, or even assign a unique QR code to each Per-computer settings profile.

Generating a unique QR code at account level

The QR code is automatically generated at account level and applied to all settings profiles that have the Use a QR code shared across the entire account setting enabled.

• From the top menu, select Settings. From the side menu, select Per-computer settings.

• Select an existing settings profile, or click Add to create a new profile.

• Select Security against unauthorized protection tampering.

• Select the Enable Two-Factor Authentication (2FA) toggle.

• Select Use a QR code shared across the entire account.

• Click Show QR code. A dialog box opens that shows the QR code generated for all the Per-computer settings profiles in the account.

• Scan the QR code in the AuthPoint app (or another authenticator app).

• Click Close.

• Click Save.

Generating a QR code for a single settings profile

The console prompts for a keyword to generate a QR code that is applied to a specific Per-computer settings profile.

• From the top menu, select Settings. From the side menu, select Per-computer settings.

• Select an existing settings profile, or click Add to create a new profile.

• Select Security against unauthorized protection tampering.

• Select the Enable Two-Factor Authentication (2FA) toggle.

• Select Generate a QR code for this configuration.

• Click Generate code.

• Enter a 6- to 20-character combination of letters and numbers for the QR code key. This QR code key (passphrase) is linked to the generated QR code. You can reuse the QR code key in other Per-computer settings profiles to enable two-factor authentication.

• Click Generate code.

• Click Close.

• Click Save.

Sharing a QR code to multiple settings profiles

To assign an existing QR code to another Per-computer settings profile:

• From the top menu, select Settings. From the side menu, select Per-computer settings.

• Select the settings profile from which you want to copy the QR code.

• Select Security against unauthorized protection tampering.

• In Generate a QR code for this configuration, click Show QR code. A dialog box opens and shows the QR code and the QR code key.

• Copy the QR code key to the clipboard.

• In the dialog box, click Close. On the settings profile page, click Close.

• Select the settings profile where you want to use the QR code you copied, or click Add to create a new profile.

• Select Security against unauthorized protection tampering.

• Select the Enable Two-Factor Authentication toggle.

• Select Generate a QR code for this configuration.

• Click Generate code.

• In the text box, paste the QR code key you copied.

• Click Generate code.

• Click Close.

• Click Save.

Exceptions when you copy a security settings profile with anti-tamper protection enabled

When you copy a settings profile with a password and/or two-factor authentication enabled, the security software behaves as described in Copying a settings profile, except:

• The copied profile does not include the password specified in the Password required to perform advanced management tasks locally from your computers text box. The administrator must enter a new password.

• If the administrator copies a settings profile inherited from a partner, Panda Adaptive Defense 360 automatically enables the Generate a QR code for this configuration option and generates a new QR code. It does not copy the password specified in the Password required to perform advanced management tasks locally from your computers text box.