Whitelisting reference systems

Owned by Anonymous
Last updated: Jan 27, 2016 by Max Pinion (Deactivated)
1 min read

In this scenario you will create a reference system whitelist policy that targets a collection of computers, searches for Windows executables, then adds any Windows executables not currently in a security catalog to a whitelist. You will also add applications already included in a security catalog to the whitelist.

To access the Application Control Policies page: 

  • In the Symantec Management Console, on the Home menu, click Arellia > Application Control
  • In the left pane, select Policies > Application Control > Application Control Policies

To create a reference system whitelist policy:

  • Right-click on Application Control Policies and select New > Reference System Whitelist



 

  • In the right pane, configure the fields as follows:
    • Reference System Application Control Policy tab
      • Enable the policy by using the On/Off toggle.
      • Computers - In the dialog, select the computer collection you wish to target with the policy.
      • File Specification(s) - In the dialog, select Executables in Windows Directories.
      • Reporting Filter - In the dialog, select Executables in Windows Directories not present in Security Catalogs.
    • Additional Applications to Control tab
      • Application - In the dialog, select Present in Signed Security Catalog.
    • Apply to - Leave the default setting, All Windows Computers with Application Control Agent Installed.
    • Click Save changes.