Technical info for admins... ...and other tech gurus.


Green checkmark Use in any app deployment manager. Comes in both .EXE and .MSI file formats.

Green checkmark Small footprint so you can run it at start-up for your local or remote users.

Green checkmark Changes made to your exisiting computer image can be rolled back individually.

Green checkmark One .exe for all operating systems.


Because a lot of the changes that PROimage makes are Windows registry and local GPO settings, PROimage never needs updating, there are no subscriptions or ads of any kind, and you can re-apply it whenever you make system changes or install new software.




Tech image

MCSEs logo

Green checkmarkEliminates DDoS attacks Green checkmark15min account lockout on 3 failed login attempts Green checkmarkEliminates SYN attacks Green checkmarkAutomatic permissionless connections disabled Green checkmarkLast user info cleared Green checkmarkDisables unused services like Telnet Green checkmarkSimple file sharing disabled Green checkmarkUSB auto-run disabled Green checkmarkReduce network traffic noise and increase bandwidth Green checkmarkMore detailed attack auditing
And a lot more...

NetWorld logo
NetworkWorld
In January 2008, the Office of Management and Budget (OMB) instituted a security initiative called the Federal Desktop Core Configuration (or FDCC).

The FDCC iscomprised of about 300 settings on Windows PCs. The objective is to create a standard federal desktop configuration that eases operations and improves security. All Federal agencies were required to implement FDCC settings by February 4, 2008.

Continue reading
InfoWeek logo
InformationWeek
White House Sets Single Security Configuration For Windows Computers.

"A White House mandate to conform to one security configuration on Windows XP and Windows Vista systems should "radically reduce" vulnerabilities. A White House directive is forcing federal government agencies, which currently use perhaps hundreds of different security configurations, to conform to a single one that was designed by the U.S. Air Force."

Continue reading
SANS logo
SANS Institute
Vital to every organization that finds it difficult to install security patches quickly.

"A formal deadline for federal agencies and all application vendors to ensure their systems and applications are fully compatible with the federal desktop core configuration (FDCC). Agencies that led the way with FDCC are already saving many tens of millions of dollars while radically improving security and reducing patching time by more than 90%."

Continue reading
NASA logo
National Aeronautics and Space Administration
The Office of Management and Budget (OMB) has mandated adoption of the Federal Desktop Core Configuration (FDCC) for Windows computers at all agencies.

"FDCC requires changes in system settings, and removes administrative rights. You will still be able to change network settings and many other preferences. Your computer will be safer from hackers, viruses, and spyware as a result."

Continue reading
NIST logo
National Institute for Standards & Technology
This frequently asked questions (FAQ) document addresses subjects associated with the March 2007 OMB-mandated Federal Desktop Core Configuration (FDCC).

Topics include the FDCC, laboratory testing of the FDCC, agency testing of the FDCC, use of the Security Content Automation Protocol (SCAP) to evaluate computers for FDCC compliance, deploying the FDCC, and reporting deviations to the FDCC.


Continue reading
MS logo
Microsoft
The FDCC mandate, issued by the Office of Management and Budget (OMB), requires federal agencies to standardize desktop configurations to meet FDCC standards.

The FDCC is designed to provide a single, standard, enterprise-wide, managed environment for desktops and laptops. By using a common configuration developed for the enterprise rather than hundreds of costly locally created configurations, the federal government will improve security, reduce costs, and decrease application-compatibility issues.

Continue reading



Frequently Asked Questions (FAQs)

The Federal Desktop Core Configuration is a list of security settings recommended by the National Institute of Standards and Technology for general-purpose microcomputers that are connected directly to the network of a United States government agency. In March of 2007 the Office of Management and Budget issued a memorandum instructing United States government agencies to develop plans for using the Microsoft Windows XP and Vista security configurations. The United States Air Force common security configurations for Windows XP were proposed as an early model on which standards could be developed. The FDCC baseline was developed (and is maintained) by the National Institute of Standards and Technology in collaboration with OMB, DHS, DISA, NSA, USAF, and Microsoft, with input from public comment.

This product was produced by automating the approximately 300 Windows settings changes developed by the National Institute of Standards (NIST) and their codifying and publication of the Guidance for Securing Microsoft Windows Systems for IT Professionals: A NIST Security Configuration checklist. In addition, settings have also been developed, tested, deployed, and applied by the creators of PROimage For Windows on user systems in highly secure enterprise PC environments (more than 10,000 users per enterprise in telecom, healthcare and banking) and these system changes have also been added to the PROimage package to increase flexibility and ease of use. The PROimage program modifies several key policy areas of the Windows system including password policy, account lockout policy, auditing policy, user rights assignments, system security options, event log policy, system service settings, and file permissions. The application is packaged in both .EXE and .MSI formats for ease of distribution by administrators. PROimage For Windows should be considered part of a comprehensive and layered security regimen that includes fire-walls, backup routines, and up to date anti-virus definitions.

The configuration packaged into PROimage are "hidden" Windows settings and will not affect the look and feel of Windows.

If you have Microsoft Windows you have all you need. We've packaged all the MS operating systems into one install. PROimage recognizes your operating system, then installs only the correct matching version.

The Windows registry is a central hierarchical database used in Microsoft Windows to store information that is necessary to configure the system for users, applications and hardware devices. The registry contains information that Windows continually references during operation, such as profiles for each user, the applications installed on the computer and the types of documents that each can create, property sheet settings for folders and application icons, what hardware exists on the system, and the ports that are being used. Instructions for backing up the Windows registry can be found here.

USB auto-run functions are disabled.Your USB ports will work - they just won't automatically run any software located on the USB drive. Any programs that reside on a USB drive must be triggered (started) manually for security purposes.

Yes, and yes. We have allowed WiFi printing in PROimage For Windows. There are a couple of cases where we have changed the NIST configuration. In thesse few cases, the requirements were such that they could break typical home or office use functions such as WiFi printing.

Yes, it will. But only as far as other computers conecting to you. Normal web browsing, file downloads, streaming services, etc. should all stay unaffected, however, your computer will appear more hidden to others trying to connect.

Contact us. You can reach us through our Contact Page or by sending an email to support@proimageforwindows.com.

Contact us. You can reach us through our Contact Page or by sending an email to info@PROimageForWindows.com.

Privacy Policy and Terms of Use

PROimage For Windows Privacy Policy

The only info we keep is the email address that you supplied at purchase. We keep that so that we can send you any update notices, for a free upgrade for the upcoming Windows 11 release, for example, and for our purchase records. All customer data of this sort is immediately removed from, and archived off, our web servers.

We don't store cookies of any kind on your machine.

We do collect IP information from website visitors so that we can see where our web traffic is coming from.

We also use PayPal rather than our own shopping cart for two reasons. Anyone can use PayPal as a 'guest' and make a purchase through PayPal with just about any other payment system available. The other reason is that we just don't want your CC info.


PROimage For Windows Software Terms of Use

We worked really hard getting our certifications and experience to put together PROimage For Windows. We took a lot of over-priced classes, and spent a lot on the equipment to build and run everything to bring enterprise level security to everyone else at what we think is a really fair price.

We toiled in grey cubes and cold server rooms, and ate leftover donuts and pizza at 3am, and slept on the floor under our desks during holiday roll-outs and go-lives to earn our bones. We have waded through more 'strategy' and 'production' meetings that we can count, and we did it without complaint (mostly) - all to advance desktop and mobile security.

So, we would really appreciate it if you didn't post PROimage on some P2P site somewhere. It's likely not going to work without a validation key anyway, which is hashed and built into the app itself.

If you do want to give a copy to Aunt Edna who got her new PC for her birthday so she can Skype with the grandkids - go for it. We won't mind.


PROimage For Windows Software Disclaimer

Although the settings in PROimage For Windows have been thoroughly tested by both the NIST and by the tech team at BlueSky Codeworx, the creators of PROimage For Windows, please realize that every computer system, with it's own brand and mix of hardware, software, drivers, periperals, etc. is quite unique.

We have done our best to ensure that PROimage For Windows has a small footprint, is easy to deploy and/or install, and is unlikely to break your system. If anything does arise, we promise that we will do our best to work with you to resolve the issue. Most things can be resolved quite easily with a reverse systems setting change and about as quick as we can get a reply to you. We've never had an issue come up that we couldn't resolve almost immediately.

That said, take some care and caution here. These are powerful system settings that sometimes reside in the core of your Windows operating system and we cannot be held responsible for complete universal system configuration compatibility. the combinations of disparate PCs are now in the trillions.

We strongly recommend backing up your Windows Registry and saving the file on to a thumbdrive before starting. See how to do that on our Tech Info page.