Whitelisting Reference Systems
In this scenario you will create a reference system whitelist policy that targets a collection of computers, searches for Windows executables, then adds any Windows executables not currently in a security catalog to a whitelist. You will also add applications already included in a security catalog to the whitelist.
...
- Reference Systems tab
- Enable the policy by using the On/Off toggle.
- Computers - In the dialog, select the computer collection you wish to target with the policy.
- File specifications - In the dialog, select Executables in Windows Directories.
- Reporting filter - In the dialog, select Executables in Windows Directories not present in Security Catalogs.
- Additional Applications to Control tab
- Applications - In the dialog, select Present in Signed Security Catalog.
- Apply to - Leave the default setting, All Windows Computers with Application Control Agent Installed.
- Click Save.