Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Application Control Solution (ACS) identifies applications to that you can add to a whitelist by connecting and scanning software delivery packages.

...

After you have scanned software delivery packages, you can then add them to a whitelist them by doing the following steps:

  1. Import the "Application Control - Package Whitelisting" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
  2. In the Thycotic Security Manager Console, click the Policies tab.
  3. In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Policies > Whitelisting.
  4. Right-click the Whitelisting folder and click New > Whitelist Software Delivery Packages.
    Image RemovedImage Added
  5. Name the policy.
  6. Select all of the packages that will be included in this policy.
  7. Create a description.
  8. Click OK.
    Image Removed
    Image Added

  9. The package filters will appear in the Application Control > Filters > Inventory Filters > Package Filters folder as shown in the following screenshot.
    Image RemovedImage Added
  10. If the package filter is empty, you can run the Collection Update task under Tasks > Infrastructure Scheduled Activities to update the filter collections.
Note

If the contents of a package change, then run either the Inventory Package or Inventory Packages task (under Tasks > Server Tasks > File Inventory).

 

Manual Steps

After the packages have been scanned, the following steps can be used to whitelist the contents of those software delivery packages.

...

Create a whitelist from an MSI package filter

To create a whitelist from an MSI package contents filter, do the following steps:

  1. In the Thycotic Security Manager, click the Policies tab.
  2. In the file library in the left pane, navigate to Policies > Arellia Thycotic Solutions > Application Control > Filters > Inventory Filters.
  3. Right-click Inventory Filters and select New > MSI Package ContentsContents Filter. 
    Image RemovedImage Added 
  4. In the Create Item dialog box, create a Name and Description
    Image Removed
    Image Added

  5. Click OK.
  6. In the right pane, choose a software delivery package and set the package parameters.
  7. Click the Save button.

This filter can now be used as a target in Application Control Policiespolicies.

Note

If the filter does not list any executables, then the File Inventory file inventory command needs to be executed on that package. Navigate to Tasks > Server Tasks > File Inventory and schedule the Inventory Packages inventory packages command to run on that package.

...