There are two different types of filters: Dynamic Filters and (Static) File Filters
Dynamic Filters - used for specific types of purposes and users i.e., Interactive and Non-interactive Users. Will look at context around when something was run.
Dynamic Filters - These filters are evaluated by the Arellia Management Server (AMS) and are used to apply security policies to applications not yet discovered but commonly used or downloaded.
Dynamic Filters are evaluted at runtime and are not tied to the particular application being run but by other factors
Types of Dynamic Filters include:
- Application Context Filters - These filters are evaluated by the AMS and are used to apply security policies to applications in a user context.
- Command Line Filters - A commandline filter examines the commandline (excluding the primary executable) and applies a pattern match (Exact, Partial or Regular Expression).
- Environment Variables Filters - New to ACS 7.1 SP3 these filters are used for compatibility testing and user requested elevation.
- Network Location Filters - These filters are used to identify what network a computer is attached to.
- Secondary File Filters - A Secondary File filter addresses the situation where the intended action is not the primary executable (such as RunDll.exe), but rather a file specified within the commandline. It examines the commandline of an application to see whether there appears to be a secondary file. If so the secondary file filter applies the specified filters to the secondary file.
- Signed Application Filters - These filters are used to filter applications based on their digital certificate.
- Time of Day Filter - These filters allow an application filter to be applied based on the specific time an application is launched. The time details can be set individually for each day of week, or applied to the same period on all days.
- User Context Filters - These filters are evaluated by the Altiris Agent and are used to apply security policies to applications in a user context.
Drilldown to specific Dynamic Filter types
Dynamic Filters
Application Context Filters | Description |
---|---|
Interactive Users | You can apply policies to applications with interactive users. Select the appropriate check box and enter policy details in the fields provided. |
LocalSystem and Service applications | You can apply policies to LocalSystem and Service applications. Select the appropriate check box and enter policy details in the fields provided. |
Service Applications | You can apply policies to Service applications. Select the appropriate check box and enter policy details in the fields provided. |
Commandline Filters | Description |
| You can create application filters that are based on the commandline of the running application.
|
Environment Variables Filters | Description |
Manual Application Compatibility Setting | You can use this predefined filter for application compatibility. |
User Requested Run As Administrator | You can use this predefined filter for the right click self-elevate option. |
Network Location Filters | Description |
| You can create application filters that are based on which network the computer is attached to.
|
Secondary File | Description |
| You can create application filters that are based on the applications file target which is taken from the commandline.
|
Signed Applications | Description |
Microsoft Signed Applications | You can create a filter by associating a digital certificate.
|
Time of Day | Description |
| You can create a filter using certain hours.
|
User Context | Description |
| You can create filters based on the group membership of the user. |