Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Application Control

...

Application Control policies determine whether or not application actions are run before an end user can run an application. Be default, there are four security policies. Click any of the following to open the Application Control Policy page:

  • Package Contents Whitelist Policy - These policies automatically inventory software packages in a folder or by MSI, and add these applications to a whitelist.
  • Reference System Whitelist policy - These policies automatically inventory systems (Example: Windows directories of computers in a collection), and add discovered applications to a whitelist.
  • Allow Microsoft Installer Policy - Enable any Windows Installer child process to execute and prevent Windows Installer child processes falling under any "Unclassified applications" policies.
  • Allow Whitelist Execution - Allow whitelisted applications to run unmanaged by Application Control Solution and prevent graylist Application Control Policies from applying to whitelisted applications.
  • Deny Blacklist execution - Prevent any application on the blacklist from being executed.
  • Limit Internet Explorer and Mail Clients Process Rights - Restrict the process rights for standard Internet browsers and mail clients. Running these applications with administrative rights can present significant security problems. This policy reduces the risk of an exploit infecting a computer from within these applications.
  • Limit Popular Instant Messaging Application Process Rights - Restrict the process rights for standard Instant Messaging applications. Running these applications with administrative rights can present significant security problems. This policy reduces the risk of an exploit infecting a computer from within these applications.
  • Limit Popular Media Player Process Rights - Restrict the process rights for media player applications. Running these applications with administrative rights can present significant security problems. This policy reduces the risk of an exploit infecting a computer from within these applications.
  • Limit Process Rights for Unclassified Applications Discovered in the Last Week - Restrict the process rights for an application. Unnecessarily running applications with administrative rights can present significant security problems. This policy reduces the risk of an exploit infecting a computer from within an application. This policy applies to applications that have been discovered locally in the last week and has Stage 2 Processing enabled by default.
Info
titleNote

We recommend using the Application Control Wizard to create policies and to associate actions, filters, and target computers. See Working with Application Control Solution

...

.

To access the Application Control Solution policies

  1. In the Altiris Console, click the Tasks tab.
  2. In the left pane, select Tasks > Security Management > Application Control >
    Windows > Application Control Tasks > Application Control Policies.

Item

Description

Enable

Enable the policy. Name Enter a policy name.

Description

Enter a policy description.

Computers

Select a collection the policy will apply to.

Applications to Control

Application

Select the applications you want to control when the associated conditions are met.

Include

Select a condition the application must match for the policy to run.

Exclude

Select a condition the application mustn't match for the policy to run.

Application Actions

Applications

Select actions to occur if an application matches the application filter.

Child applications

Select actions to occur for child processes of an application that matches the application filter. Select from:

...

  • No action

...

  • Application action

...

  • Same as parent

Send policy feedback

Enable policy feedback

Policy Enforcement

Priority

Enter a policy priority to determine its order in relation to

...

other policies. Priority 1 is the highest and will run first.

Continue enforcing policies after enforcing this policy

Continue enforcing policies for child processes after enforcing this policy

Choose to end all processing of the application if the policy is enforced.

Continue enforcing policies for child processes after enforcing this policy

Choose to end all child processing of the application if the policy is enforced.

Stage 2 Processing

Make the application subject to policies applicable to its parent application. That is, the application that spawned the process applicable to this policy.

Application Control

...

policy types

For information, see To create Creating an Application Control policy (page 11)Policy.