Defining Allowed Application Criteria | Trend Micro Service Central

Views:

Application Control provides the ability to define criteria that specifically allow certain applications to execute. You can define allow criteria to ensure that Application Control never blocks a certain application, or you can create a complete list of applications allowed to execute on endpoints and then deploy a Lockdown policy to the endpoints. While in Lockdown mode, users cannot execute, access, or install any application that you did not include in the allow criteria.

For more information about Lockdown policies, see Application Control Policy Settings.

Procedure

Go to Policies → Policy Resources → Application Control Criteria.

The Application Control Criteria screen appears.
Click Add Criteria and select Allow.

The Allow Criteria Settings screen appears.
Type a unique Name for the criteria.

Select the level of Trust permission for the applications.

Permission	Description	Example Use
Application cannot execute external processes	Applications cannot access any external processes or start any other applications	Use when you want to allow standalone applications to run on endpoints but prevent access to other processes For example, this setting allows Microsoft Word to run but prevents embedded OLE objects from executing.
Application can execute other processes	Applications can start external processes and applications that users are unable to access directly	Use when you want to allow applications to run on endpoints and still allow access to required child processes or add-ons. For example, this setting allows Internet Explorer to run and also allows Internet Explorer to execute any installed plug-ins.
Inheritable execution rights (not recommended)	Applications can install and start external processes and applications, and the child applications can also install and start external processes and applications	Use when you want to allow installation packages to execute on the endpoint Inheritable execution rights (not recommended) allows the installation package to perform all installation tasks and then also allows the installed application to run all required processes.

Select the Match method used to identify applications and configure required settings.

Method	Description
Application Reputation List	Allows you to apply the criteria to applications that Trend Micro has tested and assigned a security score for For more information, see Application Reputation List.
File paths	Allows you to apply the criteria to any application installed in the specified location For more information, see File Paths.
Certificates	Allows you to apply the criteria to applications based on certificate validity and certificate attributes For more information, see Certificates.
Hash values	Allows you to apply the criteria to applications based on SHA-1 or SHA-256 hash values For more information, see Hash Values.
Gray Software List	Allows you to include applications to the criteria that Trend Micro has tested and found to be potentially harmful The Gray Software List is a subset of the Application Reputation List and contains applications that may be malicious if not used properly. Trend Micro recommends blocking or monitoring applications in the Gray Software List to ensure that your network remains secure.

Click Save.