View Source

In this scenario you will create a reference system whitelist policy that targets a collection of computers, searches for Windows executables, then adds any Windows executables not currently in a security catalog to a whitelist. You will also add applications already included in a security catalog to the whitelist.

To access the Application Control Policies page:

Once you are in Arellia > Application Control select the Policies folder
Select Application Control > Policies > Whitelisting

To create a reference system whitelist policy:

Right-click on Whitelisting and select New > Reference System Whitelist

Application Control Solution 7.1 Documentation > Whitelisting reference systems > refw1.PNG

In the right pane, configure the fields as follows:

Application Control Solution 7.1 Documentation > Whitelisting reference systems > policy.PNG

Reference Systems tab
Enable the policy by using the On/Off toggle.
Computers - In the dialog, select the computer collection you wish to target with the policy.
File specifications - In the dialog, select Executables in Windows Directories.
Reporting filter - In the dialog, select Executables in Windows Directories not present in Security Catalogs.

Additional Applications to Control tab
Applications - In the dialog, select Present in Signed Security Catalog.

Apply to - Leave the default setting, All Windows Computers with Application Control Agent Installed.
Click Save.