Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Creating an Application Control Policy

Application Control policies determine whether certain actions run before an end user can run an application. For example, a policy might deny an application the ability to execute or quarantine the application when a user attempts to run the application. The easiest way to create these policies is to use the Application Control Wizard, but they can also be created manually.

Creating an Application Control policy

To create an Application Control policy

...

using the wizard, refer to: Application Control policy wizard

To create an Application Control policy manually, refer to: Application Control policies

To use an Existing Policy

  1. From the Arellia Security Management Console, go to the Policies tab.
  2. Navigate to Policies / Arellia / Application Control / Policies.

  Image Added

You can choose from the following policies:

...

  • Allow Microsoft Installer Policy
  • Allow Whitelist Execution
  • Deny Blacklist ExecutionAdministrative Rights Required Detection Policy (Application Compatibility)
  • Administrative Rights Required Detection Policy (Security Manifest)
  • Setup Detection Policy
  • Limit Internet Browser and Mail Client Process Rights
  • Limit Popular Instant Messaging Application Process Rights
  • Limit Popular Media Player Process Rights
  • Limit Process Rights for Unclassified Applications Discovered in the Last Week

Automate Document Encryption
Blank Application Control Policy
Deny Application Execution
Elevate Process Rights
Prevent Windows Hooking
Quarantine Application
Restrict Application Read and Write File Access
Restrict Process Rights
Run an Application in Read-Only Mode
Run an Application in an SVS Layer

Info
titleNote

For descriptions of these Application Control policies, see Overview

This opens the Application Control Wizard in a new window. The following 3 steps take you through the wizard.

Step 1 - Welcome to the Application Control Wizard

Select the computers and applications you want to target with this policy.

  1. To select computers this policy applies to, click the Computers: Image Removed.
  2. In the Collection Selector dialog, select a collection and click Apply.
  3. To include filters in the policy, click the Include: Image Removed.
  4. In the Items Selector dialog, select an application filter. To add your own application filter:
    1. In the Items Selector dialog, click  Image Removed, and select a filter type.
    2. Depending on your selection:
      • In the Collection Summary dialog, enter a name and description for the filter, or
      • In the Dynamic Filter dialog, configure the filter as required.
        For details on what you can configure for each filter, see Application Filters
        (page 24).
        To add additional filters, see (Optional) To Add extra Application Filters
        (page 12).
    3. To exclude filters in the policy, click the Exclude:   Image Removed and follow the procedure in Step 4 above.
    4. Click Next

(Optional) To Add extra Application Filters

You can add as many application filters to a policy as you want:

  1. When you select an application filter in the Item Selector dialog as shown in Step 1 - Welcome to the Application Control Wizard (page 11), click  Image Removed, and select a new filter.
  2. In the Item Selector dialog, click Image Removed, select the filter you just added, and click Apply.
    Your policy now contains two application filters.

Step 2 - Select Actions

In this step, you select actions to apply to an application and its processes. You can also select application action reporting options.

  1. To add an action to the policy, under Select an action to apply to the application, click Select an Item.
  2. In the Items Selector dialog, select an application action.
    To add your own application action:
    1. In the Items Selector dialog, click !Home^NewButton.jpg!  and select an action.
    2. In the Application Action dialog, enter a name and description for the action.
      For details on what you can configure for each action, see Application Actions
      (page 16).
      To add additional actions, see (Optional) To Add extra Application Actions
      (page 13).
  3. To add an action to any Child Process select:
    • Same as Above - Apply the application action to any child process.
      Altiris Application Control Solution Help    12
    • Use Different Action - Click Select an Item, select an application in the
      Items Selector Dialog, and click Apply.
  4. (Optional) Click Send the Notification Server an event if these actions are applied.
  5. Click Next.

(Optional) To Add extra Application Actions

You can add as many application actions to a policy as you want:

  1. When you select an application action in the Item Selector dialog as shown in Step 2
    - Select Actions (page 12), click  Image Removed, and select a new action.
  2. In the Item Selector dialog, click Image Removed, select the action you just added, and click Apply.
    Your policy now contains two application actions.

Step 3 - Policy Details

Enter general policy details and enforcement options.

...

  • Policy Priority - Enter a policy priority to determine its order in relation to other policies.
  • To continue enforcing lower priority policies after enforcing this policy, click the appropriate check box.
  • To continue enforcing lower priority policies for child processes after enforcing this policy, select the appropriate check box.
  • User Requested Elevation Justification Policy
  • Allow Microsoft Security Rated Whitelist Execution Policy
  • Allow Microsoft Installer Policy
  • Deny Manual Security Rated Blacklist Execution