Dynamic filters are used for specific types of purposes and users, such as Interactive and Non-interactive Users, and they evaluate the context around when applications are run. Dynamic Filters are evaluted at runtime and are not tied to the particular application being run but by other factors. For example, they are used to apply security policies to applications not yet discovered but commonly used or downloaded.
Types of Dynamic filters
The following types of Dynamic Filters includebuilt-in Dynamic filters are available in the Application Control Solution:
- Application Context Filters - These filters target particular context of applications such as Windows Service or Interactive Applications.are evaluated by the AMS and are used to apply security policies to applications in a user context.
- Command Line Filters - A commandline filter examines the commandline (excluding the primary executable) and applies a pattern match (Exact, Partial or Regular Expression).
- Environment Variables Filters - These filters are used for compatibility testing and user requested elevation.
- Network Location Filters - These filters are used to identify what network a computer is attached to.
- Secondary File Filters - A Secondary File filter addresses the situation where the intended action is not the primary executable (such as RunDll.exe), but rather a file specified within the commandline. It examines the commandline of an application to see whether there appears to be a secondary file. If so the secondary file filter applies the specified filters to the secondary file.
- Signed Application Filters - These filters are used to filter applications based on their digital certificate.
- Time of Day Filter - These filters allow an application filter to be applied based on the specific time an application is launched. The time details can be set individually for each day of week, or applied to the same period on all days.
- User Context Filters - These filters target the user that is running an application.
Standard Filters Available
...
Application Context Filters
...
Description
...
Interactive Users
...
You can apply policies to applications with interactive users. Select the appropriate check box and enter policy details in the fields provided.
...
LocalSystem and Service applications
...
You can apply policies to LocalSystem and Service applications. Select the appropriate check box and enter policy details in the fields provided.
...
Service Applications
...
You can apply policies to Service applications. Select the appropriate check box and enter policy details in the fields provided.
...
Commandline Filters
...
Description
...
...
You can create application filters that are based on the commandline of the running application.
- Enter a filter name and description.
- Enter the Match Option you want to search for.
- Enter the Command line text you are searching for.
...
Secondary File
...
Description
...
...
You can create application filters that are based on the applications file target which is taken from the commandline.
- Enter a filter name and description.
- Select an Item that you want to filter on.
...
Signed Applications
...
Description
...
Microsoft Signed Applications
...
You can create a filter by associating a digital certificate.
- Enter a filter name and description.
- Include Digital Certificates - All files signed by a selected digital certificate will be included in this filter. For information on editing collections, see Notification Server Help.
...
Time of Day
...
Description
...
- Business Hours (8:30AM to 5:30PM)
- Business Hours (8AM to 6PM)
- Business Hours (9AM to 5PM)
- Weekends
...
You can create a filter using certain hours.
- Enter a filter name and description.
- Select that time period(s) that you want to filter on.
...
User Context
...
Description
...
...
- are evaluated by the Altiris Agent and are used to apply security policies to applications in a user context.