Creating A Rule For An Unknown Application On Root Level - F-SECURE CLIENT SECURITY 9.00 Administrator's Manual

2. Configure the basic application control settings that will be used when application control is running:
a) Select the default action to take when an unknown application tries to make an outbound connection
from the Default action for client applications
b) Select the default action to take when an unknown application tries to make an inbound connection
Default action for server applications
c) Set the new applications to be reported to the administrator by selecting
applications.
This way you can see what kind of applications the end users are trying to launch, and you can define
new rules for them if necessary.
d) Define whether the default messages are displayed to users when an unknown application tries to
make an inbound or an outbound connection by selecting or clearing the
unknown applications
3. Verify the settings and take them into use.
Application control can be enabled for the whole domain as follows:
a) Select Root on the
b) Select the Firewall security levels
control is selected.
c) Click
to save and distribute the policy.

Creating a rule for an unknown application on root level

In this example, a rule will be created to deny the use of Internet Explorer 4.
In this case it is assumed that the program already appears on the
hosts list.
1. Select the application(s) for the rule:
a) Go to the Settings
b) Select Internet Explorer 4.01
c) Click Create rule(s)
2. Select application rule type:
a) Select Deny as the action to take when the application acts as a client and tries to make an outbound
connection.
b) Select Deny
attempt is made.
3. Select the message shown to users:
a) Select whether a message is shown to users when a connection attempt is made.
The options are:
If you selected
clicking Define default
b) If you selected
enter the message there.
In this case you could use a customized message, for example: The use of Internet Explorer
4 is prohibited by company security policy. Please use some other browser
instead.
4. Select the rule target:
a) Select the domain or host that the rule affects from the domains and hosts displayed in the window.
If the target host or domain already has a rule defined for any of the applications affected by the rule,
you are prompted to select whether to proceed and overwrite the existing rule at the host.
check box.
Policy domains tab.
page on the
tab and select the Application control
in the Unknown applications reported by hosts
to start the application control rule wizard.
as the action to take when the application acts as a server and an inbound connection
No message, Default message
Default message, you can check what the currently defined default messages are by
messages....
Customized message, the customized message text box is activated and you can
F-Secure Client Security | Configuring Internet Shield | 99
drop-down list.
drop-down list.
Settings tab, and make sure that
Unknown applications reported by
page.
or Customized
Report new unknown
Show default messages for
Enable application
table.
message.