Application Filters
An application filter defines the applications (groups of files) that can be restricted by an
Application Control Policy. There are three types:?
- Application Context Filters - These filters are evaluated by the Altiris Agent and are used to apply security policies to applications in a user context.
...
- Dynamic Filters - These filters are evaluated by the Altiris Agent and are used to apply security policies to applications not yet discovered but commonly used or downloaded.
...
- Inventory Filters - These collection-based filters are evaluated by the Notification Server and depend on file inventory data. They are used to apply application control policies for already discovered applications.
...
- Command Line Filters - A commandline filter examines the commandline (excluding the primary executable) and applies a pattern match (Exact, Partial or Regular Expression).
...
- Secondary File Filters - A Secondary File filter addresses the situation where the intended action is not the primary executable (such as RunDll.exe), but rather a file specified within the commandline. It examines the commandline of an application to see whether there appears to be a secondary file. If so the secondary file filter applies the specified filters to the secondary file.
...
- Time of Day Filter - These filters allow an application filter to be applied based on the specific time an application is launched. The time details can be set individually for each day of week, or applied to the same period on all days.
...
- User Group Filter - These filters allow the application of application filters based on either the built-in account or Domain User Group status (if Altiris Local Security Solution is installed) of the user executing applications.
| Info | ||
|---|---|---|
| ||
We recommend using the Application Control Wizard to create policies and to associate actions, filters, and target computers. See Application Control Wizard |
...
. |
To access application filters
...
- In the Altiris Console, click the Tasks tab.
...
...
- In the left pane, select Tasks > Security Management > Windows >
Application Control Tasks > Application Filters.
The following table lists all the filters available and a description of each.
Filter | Description |
|---|---|
Application Context Filters | |
Interactive Users | You can apply policies to applications with interactive users. Select the appropriate check box and enter policy details in the fields provided. |
LocalSystem and Service |
...
Applications | You can apply policies to LocalSystem and Service applications. Select the appropriate check box and enter policy details in the fields provided. |
Service Applications | You can apply policies to Service applications. Select the appropriate check box and enter policy details in the fields provided. |
Dynamic Filters | |
Instant Messaging |
...
Applications - |
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
Media Players -
...
? Microsoft Windows
Media Player
? QuickTime
? RealPlayer
? Winamp
You can apply security policies to any of the listed Instant Messaging applications. If any of these applications are installed in the future, you can automatically add them to a policy. You can: |
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
| |
Media Players -
| You can apply security policies to the listed Media Player applications. If any of these applications are installed in the future, you can automatically add them to a policy. You can configure them the same as Instant Messaging Applications, above. |
...
Filter Description
MS Office Suite -
...