AnswerGFI EndPointSecurity controls access to a device separately, per user. GFI EndPointSecurity will have information on which user is accessing a device and is therefore able to decide in real time whether the user may access the device or not. This is especially useful in the case of a Terminal server, where multiple users are logged on to the same machine at one time.
An exception to the above may occur if a device uses a service which runs under the Local System account. In such cases, GFI EndPointSecurity will do the following:
- Enumerate all users logged on to the machine.
- Retrieve the permissions for the logged on users for the device.
- Apply the most restrictive settings for all users.