Dynamic Filters

Dynamic filters are used for specific types of purposes and users, such as Interactive and Non-interactive Users, and they evaluate the context around when applications are run. Dynamic Filters are evaluted at runtime and are not tied to the particular application being run but by other factors. For example, they are used to apply security policies to applications not yet discovered but commonly used or downloaded.

Types of Dynamic filters

The following types of built-in Dynamic filters are available in the Application Control Solution:

• Application Context Filters - These filters are evaluated by the AMS and are used to apply security policies to applications in a user context.
   
• Command Line Filters - A commandline filter examines the commandline (excluding the primary executable) and applies a pattern match (Exact, Partial or Regular Expression).
   
• Environment Variables Filters - These filters are used for compatibility testing and user requested elevation.
   
• Network Location Filters - These filters are used to identify what network a computer is attached to.
   
• Secondary File Filters - A Secondary File filter addresses the situation where the intended action is not the primary executable (such as RunDll.exe), but rather a file specified within the commandline. It examines the commandline of an application to see whether there appears to be a secondary file. If so the secondary file filter applies the specified filters to the secondary file.
   
• Signed Application Filters - These filters are used to filter applications based on their digital certificate.
   
• Time of Day Filter - These filters allow an application filter to be applied based on the specific time an application is launched. The time details can be set individually for each day of week, or applied to the same period on all days.
   
• User Context Filters - These filters are evaluated by the Altiris Agent and are used to apply security policies to applications in a user context.