Create and manage rules to use with Application Control in Endpoint Security Policies.

Important
If you are working on a policy, make sure to save your settings before leaving the screen. Leaving the screen without saving discards any changes.
Application Control rules are a policy resource you can configure to define which applications Application Control allows or blocks on your endpoints. Each Application Control rule defines either trusted software allowed to run on your endpoints, or software you want to restrict from running. You can add up to 350 Application Control rules.

Procedure

  1. Go to Endpoint Security > Endpoint Security Configuration > Policy Resources > Application Control Rules.
  2. Create or edit a rule.
    • To create a new rule, click Add Application Control rule.
    • To edit an existing rule, click the rule name and go to General.
  3. Specify a name and description for the rule.
  4. Select the action for the rule to take.
    • Allow: Allows the specified application to run.
    • Block: Blocks the specified application from running.
  5. Select the Type.
    The Type determines the rule criteria, or what the rule looks for to match objects.
    • Certificate: The rule checks the application certificate for specified values.
    • File path: The rule checks the location of the application.
    • SHA-256: The rule checks the file hash value.
  6. If you select Certificate, specify the Property and Value.
    Click Add to specify more than one property and value. Additional criteria use AND logic: an application must match every specified property and value set. You can add up to seven properties.
    Each property value has a maximum length:
    • Issuer country: max 2 characters
    • Issuer locality: max 128 characters
    • Issuer name: max 128 characters
    • Issuer organization: max 64 characters
    • Issuer organizational unit: max 64 characters
    • Issuer state or province: max 128 characters
    • Subject name: max 128 characters
    Important
    Server & Workload Protection does not support wildcards in certificate values.
  7. If you select File path, specify one or more file paths.
    Specify one file path per line. The rule supports up to 2000 characters total. A file path cannot contain a semicolon (;).
  8. If you select SHA-256, specify the hash Value.
    Hash values must be exactly 64 hexadecimal characters.
  9. Click Save.
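
A pre-submission check for the limits listed in the procedure above, added here as an example and not product code. The rule dictionary layout and the `validate_rule` name are hypothetical; it assumes `*` and `?` are the wildcard characters and that the 2000-character limit covers the whole file path field, line breaks included.

```python
import re

# Limits taken from the procedure above; the dict layout of a rule is hypothetical.
CERT_MAX = {
    "Issuer country": 2,
    "Issuer locality": 128,
    "Issuer name": 128,
    "Issuer organization": 64,
    "Issuer organizational unit": 64,
    "Issuer state or province": 128,
    "Subject name": 128,
}
MAX_PROPERTIES, MAX_PATH_FIELD = 7, 2000
SHA256_RE = re.compile(r"[0-9a-fA-F]{64}")

def validate_rule(rule):
    """Return a list of problems; an empty list means the rule fits the documented limits."""
    errors = []
    if rule.get("action") not in ("Allow", "Block"):
        errors.append("action must be Allow or Block")
    kind, value = rule.get("type"), rule.get("value")
    if kind == "Certificate":
        pairs = list(value or [])
        if not 1 <= len(pairs) <= MAX_PROPERTIES:
            errors.append("certificate rules take 1 to 7 properties")
        for prop, val in pairs:
            limit = CERT_MAX.get(prop)
            if limit is None:
                errors.append(f"unknown property: {prop}")
            elif not val or len(val) > limit:
                errors.append(f"{prop}: need 1 to {limit} characters")
            # Assumption: '*' and '?' are the characters treated as wildcards.
            if any(c in (val or "") for c in "*?"):
                errors.append(f"{prop}: wildcards are not supported")
    elif kind == "File path":
        text = value or ""
        paths = [p for p in text.splitlines() if p.strip()]
        if not paths:
            errors.append("at least one file path is required")
        # Assumption: the 2000-character limit counts the whole field, line breaks included.
        if len(text) > MAX_PATH_FIELD:
            errors.append("file path field exceeds 2000 characters")
        errors += [f"semicolon in path: {p}" for p in paths if ";" in p]
    elif kind == "SHA-256":
        if not SHA256_RE.fullmatch(value or ""):
            errors.append("hash must be exactly 64 hexadecimal characters")
    else:
        errors.append("type must be Certificate, File path or SHA-256")
    return errors
```

Running rule definitions through a check like this before entering them catches truncated hashes and over-length certificate values that would otherwise produce a rule that cannot be saved or that never matches.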