Application Control Solution identifies applications to add to a whitelist by connecting and scanning software delivery packages.
You can scan software delivery packages on any of the following systems:
After you have scanned software delivery packages, you can then whitelist them by doing the following steps:
- Import the "Application Control - Package Whitelisting" data feed (for instructions on how to import data feeds, go to Using Data Feeds).
- In the Security Manager Console, click the Policies tab.
- In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Policies > Whitelisting.
- Right-click the Whitelisting folder and click New > Whitelist Software Delivery Packages.
- Name the policy.
- Select all of the packages that will be included in this policy.
- Create a description.
- Click OK.
- The package filters will appear in the Application Control > Filters > Inventory Filters > Package Filters folder as shown in the following screenshot.
- If the package filter is empty, you can run the Collection Update task under Tasks > Infrastructure Scheduled Activities to update the filter collections.
If the contents of a package change, then run either the Inventory Package or Inventory Packages task (under Tasks > Server Tasks > File Inventory).
Create a Whitelist from an MSI Package Filter
To create a whitelist from an MSI Package Contents Filter, do the following steps:
- In the Security Manager Console, click the Policies tab.
- In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Filters > Inventory Filters.
- Right-click Inventory Filters and select New > MSI Package Contents Filter.
- In the Create Item dialog box, create a Name and Description.
- Click OK.
- In the right pane, choose a software delivery package and set the package parameters.
- Click the Save button.
This filter can now be used as a target in Application Control Policies.
If the filter does not list any executables, then the File Inventory command needs to be executed on that package. Navigate to Tasks > Server Tasks > File Inventory and schedule the Inventory Packages command to run on that package.