...
- Whitelisting Software Packages (page 48)
- Whitelisting Reference Systems (page 49)
- Restrict an Application's Process Rights (page 50)
- Automate Document Encryption (page 50)
- Prevent Malicious Applications from Running (page 51)
- Prevent Read/Write to File Types or Network Locations (page 52)
- Run an Application in an SVS Layer (page 53)
- Quarantine Files (page 53)
Whitelisting Reference Systems
In this scenario you will create a reference system whitelist policy that targets a collection of computers, searches for Windows executables, then adds any Windows executables not currently in a security catalog to a whitelist. You will also add applications already included in a security catalog to the whitelist.
To create a reference system whitelist policy
1. In the Altiris Console, click the Tasks tab.
2. In the left pane, right-click Tasks > Security Management > Application Control > Windows > Application Control Tasks > Application Control Policies.
3. Select New > Reference System Whitelist.
4. In the right pane, configure the fields as follows:
? Check Enable.
? Computers - Leave the default setting, All Windows Computers with
Application Control Agent Installed.
? Reference System Options, Computers - In the dialog, select the computer collection you wish to target with the policy.
? File Specification(s) - In the dialog, select Executables in Windows
Directories.
? Reporting Filter - In the dialog, select Executables in Windows Directories not present in Security Catalogs.
? Applications to Control, Application - In the dialog, select Present in Signed
Security Catalog.
5. Click Apply.
Altiris Application Control Solution Help 49
...