...
Arellia's Application Control Solution allows you to manage applications flexibly in a large, distributed client environment by putting:
- known Known trusted applications in a whitelist
- potentially Potentially trusted applications in an orangelist (also known as a graylist)
- everything Everything else in a blacklist
Automated blacklists are problematic, as they will break common functionality.
Exception Blacklist
The exception policy approach is a good initial step when you begin monitoring your environment to determine what applications are actually exceptions. If you were to Automatically blacklist all .exe files it would break common functionality and bring your enterprise to a standstill.
An exception blacklist will block any software that is not covered by Whitelist existing whitelist or Orangelist orangelist policies. Exception Blacklisting should only be implemented after Implement exception blacklisting only after much analysis, end user education, and policy refinement.
[[What's the difference between an Automated Blacklist and an Exception Blacklist?]]
Exception policy. . .this approach is a good initial step when rolling out policies as often times you don’t know what applications are actually exceptions. A policy will be created to blacklist or deny any policies that don’t meet the whitelist or orangelist criteria. Prevent unnecessary helpdesk calls, create a custom message for the blacklist policy.
You can add applications to a blacklist using some of the following criteria:
- Application attributes
- File hash
- Location
- Untrusted applicationsapplication
Related Links