Whitelist MSI and ZIP File Content
Whitelisting can be achieved in several different ways in Thycotic. When using Software Delivery Packages in a whitelist, the applications that will be installed by the package get whitelisted. Using this same approach, Thycotic can scan a UNC path and whitelist executables contained in MSI and ZIP files. To create the server scanning task and whitelist policy, do the following:
- In the Thycotic Security Manager, import the "Application Control - UNC Whitelist Policy Template" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
- Click on the Policies tab
- Navigate to Policies > Thycotic Solutions > Application Control > Policies
- Right-click on the Policies folder and select New > UNC Share Whitelist Policy
- Set the Policy Name and UNC Path
- Thycotic will then automatically create the whitelist policy and UNC File Scan Task
Network File Scan Server Task
When the new policies are created, Thycotic automatically creates a server file inventory task to automatically scan the files in that network location. By default the scan will only happen once, but can be scheduled to be updated as often as needed.
- Click on the Tasks tab
- Navigate to Jobs and Tasks > Server Tasks > File Inventory
- Select the Task that has the UNC path in the title
Viewing the Whitelisted Files
- Click on the Policies tab
- Navigate to Policies > Thycotic Solutions > Application Control > Filters > Inventory Filters > File Parameter Collections
- Select the Filter that has the UNC path in the title