Application Control Solution (ACS) identifies applications to that you can add to a whitelist by connecting and scanning software delivery packages.
...
After you have scanned software delivery packages, you can then add them to a whitelist them by doing the following steps:
- Import the "Application Control - Package Whitelisting" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
- In the Thycotic Security Manager Console, click the Policies tab.
- In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Policies > Whitelisting.
- Right-click the Whitelisting folder and click New > Whitelist Software Delivery Packages.
- Name the policy.
- Select all of the packages that will be included in this policy.
- Create a description.
- Click OK.
- The package filters will appear in the Application Control > Filters > Inventory Filters > Package Filters folder as shown in the following screenshot.
- If the package filter is empty, you can run the Collection Update task under Tasks > Infrastructure Scheduled Activities to update the filter collections.
Note |
---|
If the contents of a package change, then run either the Inventory Package or Inventory Packages task (under Tasks > Server Tasks > File Inventory). |
Manual Steps
After the packages have been scanned, the following steps can be used to whitelist the contents of those software delivery packages.
...
Create a whitelist from an MSI package filter
To create a whitelist from an MSI package contents filter, do the following steps:
- In the Thycotic Security Manager, click the Policies tab.
- In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Filters > Inventory Filters.
- Right-click Inventory Filters and select New > MSI Package ContentsContents Filter.
- In the Create Item dialog box, create a Name and Description.
- Click OK.
- In the right pane, choose a software delivery package and set the package parameters.
- Click the Save button.
This filter can now be used as a target in Application Control Policiespolicies.
Note |
---|
If the filter does not list any executables, then the File Inventory file inventory command needs to be executed on that package. Navigate to Tasks > Server Tasks > File Inventory and schedule the Inventory Packages inventory packages command to run on that package. |
...