Application Filters
An application filter defines the applications (groups of files) that can be restricted by an Application Control Policy. There are two types of filters, Dynamic and Inventory. They, along with their subtypes are listed below:
To access the Application Filters:
- In the Symantec Management Console, on the Home menu, click Arellia > Application Control
- In the left pane, select Policies > Application Control > Application Control Tasks > Application Filters
...
Dynamic filters
These filters are evaluated by the Altiris Agent and are used to apply security policies to applications not yet discovered but commonly used or downloaded.
- Application Context Filters - These filters are evaluated by the Altiris Agent and are used to apply security policies to applications in a user context.
- Command Line Filters - A commandline filter examines the commandline (excluding the primary executable) and applies a pattern match (Exact, Partial or Regular Expression).
- Executable Filters -Filters
- Secondary File Filters - A Secondary File filter addresses the situation where the intended action is not the primary executable (such as RunDll.exe), but rather a file specified within the commandline. It examines the commandline of an application to see whether there appears to be a secondary file. If so the secondary file filter applies the specified filters to the secondary file.
- Signed Application Filters -Filters
- Time of Day Filter - These filters allow an application filter to be applied based on the specific time an application is launched. The time details can be set individually for each day of week, or applied to the same period on all days.
- User Context
...
Executable Filters |
|
Instant Messaging Applications -
| You can apply security policies to any of the listed Instant Messaging applications. If any of these applications are installed in the future, you can automatically add them to a policy. You can:
|
Internet Browsers -
| You can apply a security policy to the listed Internet applications. You can configure it the same as Instant Messaging Applications, above. |
Mail Clients -
| You can apply a security policy to the listed mail applications. You can configure it the same as Instant Messaging Applications, above. |
Media Players -
| You can apply security policies to the listed Media Player applications. If any of these applications are installed in the future, you can automatically add them to a policy. You can configure them the same as Instant Messaging Applications, above. |
MS Office Suite -
| You can apply security policies to the listed Microsoft Office Suite applications. If any of these applications are installed in the future, you can automatically add them to a policy. You can configure them the same as Instant Messaging Applications, above. |
Microsoft Installer File Filter | You can configure them the same as Instant Messaging Applications, above. |
Win32 Executable File Filter | You can configure them the same as Instant Messaging Applications, above. |
Secondary File | You can create application filters that are based on the applications file target which is taken from the commandline.
|
Signed Applications
| You can create a filter by associating a digital certificate.
|
Time of Day
| You can create a filter using certain hours.
|
User Context | You can create filters based on the group membership of the user. |
Inventory
...
filters
These collection-based filters are evaluated by the Notification Server and depend on file inventory data. They are used to apply application control policies for already discovered applications.
...