Configuring application control
Application control allows for safe browsing and is an excellent defence against malicious computer programs.
Application control is also an excellent tool for fighting trojans and other network malware as it does not allow
them to send any information to the network.
Application control rules can be used to define more specific restrictions to network traffic, on top of the
restrictions defined in firewall rules. The application permissions cannot be used to allow traffic that has been
denied by static firewall rules. However, if you have allowed some network traffic in the static rules, you can
use application control to decide whether an application can be allowed to take advantage of the rules or not.
In other words, you can create a rule that allows traffic and limit the use of that rule with application control.
When application control is centrally managed, the administrator can decide which programs that access the
network can be used in the workstations. In this way it is possible to prevent the use of programs that are
against the company security policy, and to monitor which programs the end users really are using.
The basic idea when configuring application control is to allow the necessary applications and deny the rest.
How application control and DeepGuard work together
When application control detects an outbound connection attempt, and when it is set to prompt the user to
decide whether to allow or deny the connection, you can set application control to check from DeepGuard
whether the connection should be allowed. This reduces the amount of application control pop-ups shown to
users.
An example:
1.
If there is a rule for the application that tries to open an outbound connection in the
Application Rules
for Known Applications
table, application control allows or denies the connection attempt based on this
rule.
2.
If there is no rule for the application in the
Application Rules for Known Applications
table, application
control allows or denies the connection attempt based on the currently defined
Default action for client
applications
.
3.
If the currently specified default action is
Prompt for user decision
, and if the
Do not prompt for
applications that DeepGuard has identified
setting is turned on, application control checks from
DeepGuard whether it should allow the outbound connection. If DeepGuard now identifies the application,
the end user is not prompted for decision, and the outbound connection is allowed.
4.
If DeepGuard did not identify the application, the user is prompted to decide whether to allow or deny the
connection.
Application control settings
The settings available on the
Settings
➤
Application control
page are described here.
The application control page displays the following information:
Application rules for known applications
Displays the executable file name.
Application
The following actions are available:
Deny
,
Allow
,
User
Decision
.
Act as Client (out)
The following actions are available:
Deny
,
Allow
,
User
Decision
.
Act as Server (in)
F-Secure Client Security | Configuring Internet Shield |
97
Summary of Contents for ANTI-VIRUS FOR MICROSOFT EXCHANGE 9.00
Page 1: ...F Secure Client Security Administrator s Guide...
Page 2: ......
Page 8: ...8 F Secure Client Security TOC...
Page 44: ......
Page 62: ......
Page 86: ......
Page 114: ......
Page 118: ......
Page 135: ...Tammasaarenkatu 7 PL 24 00181 Helsinki Finland F Secure Client Security Virus information 135...
Page 148: ......
Page 158: ......