Configuring Application Control; Application Control Settings - F-SECURE CLIENT SECURITY 9.00 Administrator's Manual

Configuring application control

Application control allows for safe browsing and is an excellent defence against malicious computer programs.
Application control is also an excellent tool for fighting trojans and other network malware as it does not allow
them to send any information to the network.
Application control rules can be used to define more specific restrictions to network traffic, on top of the
restrictions defined in firewall rules. The application permissions cannot be used to allow traffic that has been
denied by static firewall rules. However, if you have allowed some network traffic in the static rules, you can
use application control to decide whether an application can be allowed to take advantage of the rules or not.
In other words, you can create a rule that allows traffic and limit the use of that rule with application control.
When application control is centrally managed, the administrator can decide which programs that access the
network can be used in the workstations. In this way it is possible to prevent the use of programs that are
against the company security policy, and to monitor which programs the end users really are using.
The basic idea when configuring application control is to allow the necessary applications and deny the rest.
How application control and DeepGuard work together
When application control detects an outbound connection attempt, and when it is set to prompt the user to
decide whether to allow or deny the connection, you can set application control to check from DeepGuard
whether the connection should be allowed. This reduces the amount of application control pop-ups shown to
users.
An example:
1. If there is a rule for the application that tries to open an outbound connection in the
for Known Applications
rule.
2. If there is no rule for the application in the
control allows or denies the connection attempt based on the currently defined
applications.
3. If the currently specified default action is
applications that DeepGuard has identified
DeepGuard whether it should allow the outbound connection. If DeepGuard now identifies the application,
the end user is not prompted for decision, and the outbound connection is allowed.
4. If DeepGuard did not identify the application, the user is prompted to decide whether to allow or deny the
connection.

Application control settings

The settings available on the
The application control page displays the following information:
Application rules for known applications
Application
Act as Client (out)
Act as Server (in)
table, application control allows or denies the connection attempt based on this
Application Rules for Known Applications
Prompt for user
setting is turned on, application control checks from
Settings Application control
F-Secure Client Security | Configuring Internet Shield | 97
decision, and if the
page are described here.
Displays the executable file name.
The following actions are available: Deny, Allow,
Decision.
The following actions are available: Deny, Allow,
Decision.
Application Rules
table, application
Default action for client
Do not prompt for
User
User