What is Application Whitelisting?
Application Whitelisting allows only trusted software to run on your network, which protects your network from malware threats.
Arellia's Application Control Solution allows you to manage applications flexibly in a large, distributed client environment by putting:
- known trusted applications in a whitelist
- potentially trusted applications in an orangelist (also known as a graylist)
- everything else in a blacklist
Static and Dynamic Whitelists
The standard operating system image(s) can be leveraged to build an initial whitelist. Add to that all packages in the IT delivered software repository, which can also be added to a whitelist. You can add applications to your whitelist using the following attributes:
Reference systems
Managed software
File ownership
Digital signature
Vendor
Locations
Creating a whitelist that targets applications according to file hashes is not very manageable because every time an application is updated, the file hash changes and the application will fall off the whitelist, requiring you to re-add it to the whitelist policy. The Application Control Solution allows you to target applications for your whitelists according to its digital signature, allowing for a dynamic whitelist–when these applications are updated, the digital signature does not change and the application will stay whitelisted.
Multiple Whitelists
As the Whitelist and Orangelist policies both did not have the Continue enforcing policies after enforcing this policy selected, no additional policies will be evaluated once criteria has been met. As such, any applications that don’t meet the Whitelist or Orangelist criteria will be blacklisted when this policy has a larger Policy priority.