Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Arellia can connect and scan software delivery packages for applications to whitelist using the Arellia Application Control Solution. Application Control Solution (ACS) identifies applications that you can add to a whitelist by connecting and scanning software delivery packages.

You can scan software delivery packages on one any of the following systems:

...

After you have scanned software delivery packages, you can then add them to a whitelist them by doing the following steps:

  1. Import the "Application Control - Package Whitelisting" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
  2. In the Thycotic Security Manager Console, click the Policies tab.
  3. In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Policies > Whitelisting.
  4. Right-click the Whitelisting folder and click New > Whitelist Software Delivery Packages.
    Image RemovedImage Added
  5. Name the policy.
  6. Select all of the packages that will be included in this policy.
  7. Create a description.
  8. Click OK.
    Image Removed
    Image Added

  9. The package filters will appear in the Application Control > Filters > Inventory Filters > Package Filters folder as shown in the following screenshot.
    Image RemovedImage Added
  10. If the package filter is empty, you can run the Collection Update task under Tasks > Infrastructure Scheduled Activities to update the filter collections.
Note

If the contents of a package change, then run either the Inventory Package or Inventory Packages task (under Tasks > Server Tasks > File Inventory).

 

Manual Steps

After the packages have been scanned, the following steps can be used to whitelist the contents of those software delivery packages.

...

Create a whitelist from an MSI package filter

To create a whitelist from an MSI package contents filter, do the following steps:

  1. In the Thycotic Security Manager, click the Policies tab.
  2. In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Filters > Inventory Filters.
  3. Right-click Inventory Filters and select New > MSI Package ContentsContents Filter. 
    Image RemovedImage Added 
  4. In the Create Item dialog box, create a Name and Description
    Image Removed
    Image Added

  5. Click OK.
  6. In the the filter and then select right pane, choose a software delivery package to include in the filter Save the filterand set the package parameters.
  7. Click the Save button.

This filter can

...

now be used as a target in Application Control

...

policies.

Note

If the filter does not list any executables, then the File Inventory file inventory command needs to be executed on that package. Navigate to Tasks > Server Tasks > File Inventory and schedule the Inventory Packages inventory packages command to run on that package.

...