Filter
Top Products
100
McAfee
®
Host Intrusion Prevention 6.1 Product Guide Application Blocking Policies
Configuring the Application Blocking Rules policy
6
Creating new Application Blocking Rules
You can create a new rule from scratch or by duplicating an existing rule and editing it.
You create new rules on the
Application Rules tab in the Application Blocking Rules dialog
box.
To create a new application blocking rule:
1 On the
Application Blocking Rules tab in the Application Blocking Rules policy, click Add.
The
Application Rule dialog box appears.
2 Select the application to apply this rule to from the
Application list. If the application
does not appear in this list, click
Browse and navigate to the application’s executable
file.
3 Click
Customize to configure how the rule’s application is matched and select one of
the following:
Application Fingerprint: Calculates a hash of the application on the server that will
match only if the client's application is the same version of the application
referenced on the server.
The path when matched first, but then the fingerprint: When the application is launched
for the first time, it will be matched based on the path specified by the user. If it
matches, the fingerprint will be calculated at the client. From that point on, the
rule will match based only on the fingerprint of the application.
The path always, and not the fingerprint: When the application is launched, it will be
matched based only on the path specified by the user.
4 Select the
Application Options:
Note
You can also create a new rule by selecting an existing rule, clicking Duplicate,
editing the rule, and saving it.
Figure 6-5 Application Rule dialog box
Note
Clicking Browse allows you to navigate to applications on the ePO server. In
most instances, you need to click
Customize and select the appropriate options
to ensure that the correct application on the client system is applied.
Select this option... To do this...
Application rule is Active
Enable this rule.