Software Delivery Package Whitelist

Application Control Solution identifies applications to add to a whitelist by connecting and scanning software delivery packages.

You can scan software delivery packages on any of the following systems:

After you have scanned software delivery packages, you can then whitelist them by doing the following steps:

  1. Import the "Application Control - Package Whitelisting" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
  2. In the Security Manager Console, click the Policies tab.
  3. In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Policies > Whitelisting.
  4. Right-click the Whitelisting folder and click New > Whitelist Software Delivery Packages.
  5. Name the policy.
  6. Select all of the packages that will be included in this policy.
  7. Create a description.
  8. Click OK.



  9. The package filters will appear in the Application Control > Filters > Inventory Filters > Package Filters folder as shown in the following screenshot.
  10. If the package filter is empty, you can run the Collection Update task under Tasks > Infrastructure Scheduled Activities to update the filter collections.

If the contents of a package change, then run either the Inventory Package or Inventory Packages task (under Tasks > Server Tasks > File Inventory).

 

Create a Whitelist from an MSI Package Filter

To create a whitelist from an MSI Package Contents Filter, do the following steps:

  1. In the Security Manager Console, click the Policies tab.
  2. In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Filters > Inventory Filters.
  3. Right-click Inventory Filters and select New > MSI Package Contents Filter. 
     
  4. In the Create Item dialog box, create a Name and Description



  5. Click OK.
  6. In the right pane, choose a software delivery package and set the package parameters.
  7. Click the Save button.

This filter can now be used as a target in Application Control Policies.

If the filter does not list any executables, then the File Inventory command needs to be executed on that package. Navigate to Tasks > Server Tasks > File Inventory and schedule the Inventory Packages command to run on that package.