Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Problem

A Blacklisting Policy which has no targets will apply to all programs and services and prevent them from running on an end-user's machine. After trying to reboot the machine the only thing that shows up is the desktop background or Login screen. The computer acts as if it is frozen and will not allow the Task Manager or other programs to run.

Solution

  1. First login to the Arellia Management Console on the Server and disable the Blacklisting Policy.
  2. Restart the computer that has been effected by the Blacklisting Policy in Safe mode.
  3. Open the Administrator Tools in the Control Panel and then Services.
  4. Find Arellia Application Control, right click and select Properties.
  5. Change the Startup Type to Disabled, Click OK and restart the computer.
  6. After restarting the computer right click on the Symantec Management Agent icon in the taskbar and select Symantec Management Agent Settings and then click Update to update your policy.
  7. You should now be able to open all the programs and services that were previously blacklisted.
  8. Open Services again from the Control Panel and change the Arellia Application Control Startup Type to Automatic.
  9. Restart your computer and everything should work as normal.

How to Avoid this Problem

  1. Deny Execute (Blacklist) policies should target specific applications unless being used in conjunction with whitelist policies. Targeting no applications will target all applications with conditions.
  2. To ensure blacklist policies do not affect system or service applications: from the Arellia Management Console click on Policies, open Policies->Arellia->Application Control->Policies and select your Blacklisting Policy.
  3. Select they hyperlink next to Exclude Any:
  4. Then select Arellia->Application Control->Filters->Dynamic Filters->Application Context-> "LocalSystem and Service application" and move that to the right side. Doing so should prevent the blacklist policy from stopping and Windows Services and Programs from running. This will allow you to update a policy and recover from a bad Deny Execute (blacklist) condition.

         

  • No labels