The process of adding sites to the Local Intranet, Trusted Sites, and Restricted Sites zones is easy. So, too, is selecting one of the four broad security level settings. The tricky part is adjusting the individual security settings because you really need to have a thorough understanding of what each of these settings controls. Let’s take a closer look at some of those security settings.

.NET Framework

The settings in the .NET Framework category are specifically designed for the .NET Framework 3.0. The four security settings include:

  • Loose XAML: Controls whether IE7 can navigate to and loose XAML files.
  • XAML browser applications: Controls whether IE7 can navigate to and run XBAPs.
  • XPS documents: Controls whether IE7 can navigate to and load XML Paper Specification (XPS) documents.
  • Enable .NET Framework setup: Controls whether the .NET Framework 3.0 can be installed via IE7.

ActiveX Controls And Plug-ins

The settings in the ActiveX Controls And Plug-ins category allow you to control whether signed or unsigned controls are downloaded and executed. An ActiveX control or plug-in is basically a program object that can be inserted into a Web page by the developer and used to provide some interactive function on the page. For example, an ActiveX control could be used to insert a live stock ticker in a Web page.

A signed ActiveX control is one that includes a certificate stating who created the control and which Certification Authority, such as VeriSign, has credentialed the control. A signed ActiveX control can be considered safe under most circumstances. An unsigned ActiveX control contains neither the author’s name nor a credential. The settings in this category are:

  • Allow previously unused ActiveX controls to run without prompt
  • Allow scriptlets
  • Automatic prompting for ActiveX controls
  • Binary and Script behaviors
  • Display video and animation on a Web page that does not use external media player
  • Download Signed ActiveX Controls
  • Download Unsigned ActiveX Controls
  • Initialize And Script ActiveX Controls Not Marked As Safe
  • Run ActiveX Controls And Plug-ins
  • Script ActiveX Controls Marked Safe For Scripting

These can be set to one of three values: Enable, Disable, or Prompt. The latter setting configures Internet Explorer to display a dialog box asking you whether you want to run the control.

It’s important to point out that the Run ActiveX Controls And Plug-ins setting has an additional option called Administrator Approved, which gives corporate administrators the ability to allow specific ActiveX controls to be run, while locking out all others.