Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

In order to automatically elevate installers regardless of location you can target those installers by internal file details and/or a certificate. It is also possible to automatically elevate installers by scanning a trusted location and then elevating those installers by the installer hash. To create the server scanning task and elevation policies, do the following:

  1. In the Security Manager Console, import the "Application Control - UNC Elevation Policy" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
  2. Click on the Policies tab
  3. Navigate to Policies > Arellia Solutions > Application Control > Policies 
  4. Right-click on the Policies folder and select New > UNC Share Elevation Policy 
  5. Set the Policy Name and UNC Path
  6. Arellia will then create 2 policies, one for EXE files and one for MSI files.

Network File Scan Server Task

When the new policies are created, Arellia automatically creates a server file inventory task to automatically scan the files in that network location. By default the scan will only happen once, but can be scheduled to be updated as often as needed. 

  1. Click on the Tasks tab
  2. Navigate to Jobs and Tasks > Server Tasks > File Inventory
  3. Select the Task that has the UNC path in the title

Viewing Installers Automatically Elevated

To view the installers that will be automatically elevated by the 2 new elevation policies, do the following:

  1. Click on the Policies tab
  2. Navigate to Policies > Arellia Solutions > Application Control > Filters > Inventory Filters > File Parameter Collections 
  3. Select the Filter that has the UNC path in the title 

 

 

 

  • No labels