Arellia Application Control Solution targets applications based on where they were downloaded from so that you can choose to allow standard users to install signed software from approved websites.
To set up a Download Source Filter, do the following steps:
- In the Thycotic Security Manager Console, click Policies.
- In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Filters > My Filters.
- Right-click the My Filters folder and click New > Dynamic File Filters > Download Source Filter.
- In the Create Item dialog box, enter the Name and Description.
- In the right pane, click the following settings:
- If, for example, you want to target all of adobe.com and all sub-domains of adobe.com, then in the Match Type menu choose Partial.
- You can also target a specific sub-domain and directory of a website, such as ftp.hp.com/pub/softpaq/
- Save the filter
- Navigate to Policies > Arellia
- In the Download host field enter adobe.com.
- Click Save.
To set up the privilege elevation policy, do the following steps:
- In the file library in the left pane, navigate to Policies > Thycotic Solutions > Application Control > Policies Policies.
- Right-click Policies and select click New > Elevate Process Rights Set Process Rights.
- In the Create Item dialog box, enter the Name and Description.
- In the right pane under Settings, next to Applications click the Select link.
- Highlight and choose the applications the policy should target to the new download source filter created in step 2.you created previously.
- Click Save.
Tip | ||
---|---|---|
| ||
For additional security, |
...
we recommend you |
...
include a |
...
signed file filter that uses trusted certificate(s) from that domain. |
...
This policy will now automatically elevate applications downloaded from adobe.com and signed by the current Adobe certificate.
Related
...