Versions Compared

Old Version 2

changes.mady.by.user Max Pinion (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Max Pinion (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

What is Application Blacklisting?

Application Blacklisting prevents unwanted applications from running in your environment, which protects your network from malware threats.

Arellia's Application Control Solution allows you to manage applications flexibly in a large, distributed client environment by putting:

  • known Known trusted applications in a whitelist
  • potentially Potentially trusted applications in an orangelist (also known as a graylist)
  • everything Everything else in a blacklist

Bl is software you don’t want on your environment. You don’t necessarily bl base on file hashes or dig sig, but things like games, exe’s that are signed using bad dig sigs, apps that. . .target bad exe’s based on generic exe info and internal product names, it’s well known and you don’t want running in your environment. Bl policies are at P1. You don’t want to deny exe starting off – you want to monitor environment to monitor what should be on whitelist so you don’t end up causing everything not to exe. 

Automated blacklists are problematic, as they will break common functionality. 

...

  •  

Exception Blacklist

The exception policy approach is a good initial step when you begin monitoring your environment to determine what applications are actually exceptions. If you were to Automatically blacklist all .exe files it would break common functionality and bring your enterprise to a standstill.

 An exception blacklist will block any software that is not covered by Whitelist existing whitelist or Orangelist policies. 

Blacklisting Exceptions

Exception policy. . .this approach is a good initial step when rolling out policies as often times you don’t know what applications are actually exceptions. A policy will be created to blacklist or deny any policies that didn’t meet the Whitelist or Orangelist criteria. Prevent unnecessary helpdesk calls, create a custom message for the blacklist policy. 

Blacklisting optionsorangelist policies. Implement exception blacklisting only after much analysis, end user education, and policy refinement.

You can add applications to a blacklist using some of the following criteria:

  • Application attributes
  • File hash
  • Location
  • Untrusted applicationsapplication

Whitelisting

Orangelisting