Get Justification Reasons from User for Running an Application

Execute Application Action

Important

This doc applies only to customers using Arellia 7.1 SP2. To see details on justification messages built into newer versions of Arellia Application Control Solution, go to https://www.arellia.com/wiki/display/ACS8D/Display+Advanced+Message

Overview

The Execute Application action allows you to execute an intermediate application when filter criteria are met within an Application Control policy. Depending on the exit code of this intermediate application, the action then either allows the original application to run or prevents it from running.

Example Use Case

You've defined criteria for most of your corporate standard applications, but on occasion, certain users need to run a new application that you haven't fully investigated, and you haven't yet updated your policies to include it.

You need to know about this application and need to know why this application is important. Is it a new piece of software? Is it a newer version of an existing managed application? To help solve this, you can now create application policies that include more generic definitions and will ask the user for reasoning before proceeding to run these applications.

To clarify this use case, we've created a sample intermediate application which will prompt the user for a reason before running an application. After providing the reason, the user is allowed to continue running the requested application.
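The exit-code contract described above, as an added example that is not Arellia's sample source: a console stand-in for the justification prompt that fails closed on any error. The 0 = allow / non-zero = block mapping, the requested application's path arriving as the first argument, and the local log file are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Text;

// Added illustration, not Arellia's sample source.
// ASSUMPTIONS: exit code 0 = allow and non-zero = block; the requested
// application's path arrives as args[0]; reasons go to a local log file.
static class JustifyGate
{
    const int Allow = 0, Block = 1;   // assumed mapping, confirm in the action
    const int MinLength = 10, MaxLength = 500;

    // Drop control characters (tabs, newlines) so a typed reason cannot
    // forge extra fields or extra lines in the log.
    public static string Sanitize(string raw)
    {
        var sb = new StringBuilder();
        foreach (char c in raw ?? "")
            if (!char.IsControl(c) && sb.Length < MaxLength) sb.Append(c);
        return sb.ToString().Trim();
    }

    // Record the decision and return the exit code for the policy action.
    public static int Decide(string requestedApp, string rawReason, TextWriter log)
    {
        string reason = Sanitize(rawReason);
        bool ok = reason.Length >= MinLength;
        log.WriteLine("{0:o}\t{1}\t{2}\t{3}\t{4}", DateTime.UtcNow,
            Environment.UserName, Sanitize(requestedApp), ok ? "ALLOW" : "BLOCK", reason);
        return ok ? Allow : Block;
    }

    static int Main(string[] args)
    {
        try
        {
            if (args.Length < 1) return Block;
            Console.Write("Reason for running {0}: ", args[0]);
            string input = Console.ReadLine();   // null if stdin is closed
            string logPath = Path.Combine(Path.GetTempPath(), "justify-example.log");
            using (var log = new StreamWriter(logPath, true, Encoding.UTF8))
                return Decide(args[0], input, log);
        }
        catch (Exception)
        {
            return Block;   // fail closed: an error must never become an allow
        }
    }
}
```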

To Import This Sample

This sample requires a new data class, report and an application action in order for it to work properly. It also requires that you install the intermediate application on the targeted computers.

  1. In the Policies view, navigate to Policies > Arellia > Application Control > Actions
    1. Import Justify_ExecuteAction.xml
    2. This will create a new action that can be used within ACS policies.
  2. In the Reports view, navigate to Reports > Arellia > Resource Reports > Application Control > Data Class Reports
    1. Import Justify_Reports.xml
  3. In the Configuration view, navigate to Settings > Notification Server > Resource and Data Class Settings > Data Classes > Arellia > Application Control
    1. Import Justify_DataClasses.xml
  4. Deliver Justify_SampleApplicationBinaries.zip to the targeted computers (into C:\Program Files\Justify).

This sample application requires the Microsoft .NET Client Profile 3.5 or higher to be installed on targeted computers.

This will create a new Event Data Class to store user justification reasons (against computer resources) and provide a report to view these events. This will also provide a new action that can be used within ACS policies.

To Use This Sample (Test Environment)

  1. Create a new application control policy.
    1. Define the filters to use for this example (e.g. Notepad.exe).
    2. In the policy's "Application actions" field, select the Execute Justification Action that you imported in step 1 of "To Import This Sample".
    3. Refine your computer targets to include just the test computer(s)
    4. Enable this policy.
  2. Visit a targeted computer.
    1. Ensure policies have updated
    2. Launch Notepad.exe
    3. You should be prompted to provide a reason for this application
  3. Revisit the console
    1. In the Resources view, navigate to the targeted computer.
    2. Right-click and select Resource Manager
  4. In Resource Manager
    1. In the Data view, select the Event Classes section (bottom left).
    2. Navigate to Data Classes > Arellia > Application Control > Application Justification
    3. You should see the new events and the reasons users have entered.

You may also create consolidated reports that leverage this new event data class across multiple computers as necessary.

Source code (a WPF application written in C# with Visual Studio 2010) is provided in the attached Justify_SampleApplicationSource.zip file.

DISCLAIMER

This intermediate software is provided 'as is' with no explicit or implied warranties in respect of any properties, including, but not limited to, correctness and fitness for purpose.

You may freely use the attached Source Code and Object Code compiled from it, with or without modification, but this Source Code is provided to you "AS IS" EXCLUSIVE OF ANY WARRANTY, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, OR ANY OTHER WARRANTY, WHETHER EXPRESS OR IMPLIED. IN NO EVENT WILL ARELLIA CORPORATION HAVE ANY LIABILITY FOR ANY LOST PROFITS, LOSS OF DATA OR COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, THOSE RESULTING FROM THE USE OF THE SOURCE CODE, OR THE FAILURE OF THE SOURCE CODE TO PERFORM, OR FOR ANY OTHER REASON.

Arellia Corporation reserves the right to include (in portions or entirety) this intermediate application and/or source code in future versions of products.