Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Whitelisting Reference Systems

In this scenario you will create a reference system whitelist policy that targets a collection of computers, searches for Windows executables, then adds any Windows executables not currently in a security catalog to a whitelist. You will also add applications already included in a security catalog to the whitelist.

To create a reference system whitelist policy1.

  1. In the Altiris Console, click the Tasks tab.

...

  1. In the left pane, right-click Tasks > Security Management > Application Control > Windows > Application Control Tasks > Application Control Policies.

...

  1. Select New > Reference System Whitelist.

...

  1. In the right pane, configure the fields as follows:

    ...

      • Check Enable.

    ...

      • Computers - Leave the default setting, All Windows Computers with
        Application Control Agent Installed.

    ...

      • Reference System Options, Computers - In the dialog, select the computer collection you wish to target with the policy.

    ...

      • File Specification(s) - In the dialog, select Executables in Windows
        Directories.

    ...

      • Reporting Filter - In the dialog, select Executables in Windows Directories not present in Security Catalogs.

    ...

      • Applications to Control, Application - In the dialog, select Present in Signed
        Security Catalog.

    ...

    1. Click Apply.