Views:
Configure Application Control criteria that you can then assign to Security Agent policy rules. You can create Allow and Block criteria to limit the applications that users can execute or install on protected endpoints. You can also create assessment criteria to monitor the applications executing on endpoints and then refine the criteria based on the usage results.
Important
Important
You must configure Application Control criteria before deploying an Application Control policy to Trend Vision One Endpoint Security agents.
Each managed product provides different policy settings that you can configure and deploy to policy targets. You can find a complete list of supported managed products and the policy settings for each in the Apex Central as a Service Widget and Policy Management Guide.
You can download a PDF version of the guide, or view the guide online, using the following link:
The following table outlines the tasks available on the Application Control Criteria screen.
Task
Description
Add criteria
Click the Add Criteria drop-down button and select from the following options:
  • Allow: Click to define Allow or Lockdown criteria
    For more information, see Defining Allowed Application Criteria.
  • Block: Click to define Block or Assessment criteria
    For more information, see Defining Blocked Application Criteria.
  • Copy: Select an existing criteria and click Copy to define new criteria based on the existing settings
  • Import: Click to select a ZIP package exported from a compatible Application Control source
    Note
    Note
    If the imported package contains criteria names that match preexisting criteria, you have the option to Overwrite existing criteria or Skip the import of the criteria with duplicated names.
Export criteria
Select the check box to the left of existing criteria and click Export to save the selected criteria to a ZIP package (<timestamp>_iACRuleExport.zip)
Delete criteria
Select the check box to the left of existing criteria and click Delete to remove the selected criteria from the list
WARNING
WARNING
If you selected criteria used by existing Apex One Security Agent policies, you must confirm that you want to delete and remove the criteria from all affected Security Agent policies. You cannot undo this action.
Modify criteria
Click a Criteria Name to modify the criteria settings
Note
Note
Affected endpoints receive modified criteria settings the next time the Trend Vision One Endpoint Security agents connect to the server.
View policy associations
Click the value in the Target Policies column to display a list of all Apex One Security Agent policies that implement the criteria.
Tip
Tip
Click a policy name to open a new browser tab on which you can view or modify the policy settings.