Versions Compared

Old Version 5

changes.mady.by.user Anonymous

Saved on

compared with

New Version Current

changes.mady.by.user Max Pinion (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

titleSummary

...

Application Control policies determine whether certain actions will be taken, such as privilege elevation or denial, before end users can run an application.

The easiest way to create Application Control Wizard is accessible via the Actions section in the top right of the Arellia Console Home page by selecting "Create Application Control Policy".

The Application Control Wizard opens in a new window and shows 3 types of policies that can be created - Elevate Privileges, Reduce Privileges, and Deny Applications. Image Removed

Elevate Privileges

After selecting Elevate Privileges, there are 5 options for applications to elevate:

  • Application (by name) - Allows a specific application to be elevated. The application can be defined by Filename, Internal name, Product name, or Path.
  • Script - Allows a specified script by path to be elevated.
  • Shared Location - Allows all applications in a specified UNC Share to be elevated.
  • Signed Executables - Allows applications with a specified digital certificate to be elevated.
  • System Options - Allows several system options to be elevated depending on what is selected to be elevated.
    • Add devices, add printers, backup the system, change the date and time, change network adapter settings, defragment the disk, install language packs, and monitor performance can all be elevated from the wizard.

After selecting what to elevate, the target of the policy can also be defined. After the wizard exits, it will take you to the new policy.

Reduce Privileges

After selecting Reduce Privileges, there are 3 options for applications to limit.

  • Application (by name) - Allows a specific application to be limited. The application can be defined by Filename, Internal name, Product name, or Path. It can also have a special message that will appear to the user whenever the application is run.
  • Application (by filter) - Allows a specific filter to be used to limit certain applications. A user message can also be specified.
  • Common Web Browsers - Specified browsers will have their rights reduced. A user message can also be specified.

After selecting what to limit, the target of the policy can also be defined. After the wizard exits, it will take you to the new policy.

Deny Applications

After selecting Deny Applications, you can select what applications to deny by using predefined or creating new filters. An optional user message can also be specified. After selecting what to deny, the target of the policy can also be defined. After the wizard exits, it will take you to the new policy.policies is to use the Application Control Wizard, but you can also create policies manually. (For instructions about how to create a new policy manually, go to Create New Application Control Policies.)

 

To access and use the Application Control Wizard, do the following steps:

  1.  On the Home page of the Arellia Security Manager console, click the Create Application Control Policy button in the Actions section in the middle left of the page.
    Image Added
  2. In the Application Control Policy Wizard, click Elevate Privileges, Reduce Privileges, or Deny Applications
  3. Click Next.
    Image Added