What's Covered
Create a File Scan PolicyFileScan
Create a File Parameter Selection
This document shows you how to create a whitelist policy for your reference system that targets a collection of computers, searches for Windows executables, and then adds any Windows executables to a whitelist.
| Anchor | ||||
|---|---|---|---|---|
|
First you will need to create a resource target that contains the desired reference system(s). To create a resource target, do the following steps:
- In the Security Manager Console, click the Resources tab.
- In the left pane, click Resource Filters.
- Right-click the Resource Target folder.
- Click New > Resource Targets > Resource Target.
- Enter a name and description.
- Click OK.
- In the right pane under Filtering Rules, click the Add rule button.
- In the Then menu, "excludes computers not in" will be the default.
- In the menu just to the right of the Then menu, choose Computer List.
- Then click Select.
- In the Select Item window that opens, click the computer resources that represent your reference system(s).
- Click OK.
| Anchor | ||||
|---|---|---|---|---|
|
Now that you have your targeting established you can create a file scan policy to add files to your whitelist.
...
- In the Security Manager Console, click the Policies tab.
- In the left pane, navigate to the Arellia Solutions > Application Control > Filters > Inventory Filters.
- Right-click the Inventory Filters folder.
- Click New > File Scan Results Filter (Policy).
- Give the filter a name and optional description.
- Click OK.
- In the Right pane, set the Data Source to the new policy.
- Next to Reporting Filter click the Select link and choose the reporting filter you configured in the previous steps.
- Under Results click Included.
- Click Save.
| Anchor | ||||
|---|---|---|---|---|
|
When you have completed the previous steps, put them all into a Reference System Whitelist Policy by doing the following steps:
...