Protect against Internet applications

Application Control Solution protects resources such as files, folders, or domain resources from Internet applications.

First decide what application(s) you'd like to classify as "Internet Applications"; in the following example we will use Internet Explorer.

1. In the Thycotic Security Manager, click the Policies tab.
2. In the file library in the left pane, navigate to Policies > Thycotic Solutions > Application Control > Actions > Application Classifications. 
3. Right-click Application Classifications and click New > Application Classification.  
4. Enter a Name and Description, and then click OK.
5. In the file library in the left pane, navigate to Policies > Thycotic Solutions > Application Control > Policies.
6. Right-click Policies and click New > Blank Application Control Policy.
   
7. In the right pane under the Applications to Control tab, next to Applications click the Select link and choose the action you created previously.
   
8. Click the Application Actions tab.
9. Next to Applications, click the Select link. 
10. Set the action to the InternetApp Classification Action you created previously.
11. Click Save.

As soon as the policy is downloaded by an endpoint, the targeted application(s) will have an additional process token set to "Application Classification\InternetApp." You can then create additional application control policies to target that token and deny the process from creating new processes, or you can set ACLS on folders and files to deny the targeted application from having access.