Organizations usually face the following concerns while using applications:
- No illegal or fake applications should be installed on client systems.
- Malicious applications should not infect the systems.
- Unnecessary applications should not clog the systems.
With this feature, the administrators can authorize or unauthorize the users to access and work with certain applications, so that no one accesses an unwanted application. If the users try to access an unauthorized application, a notification can also be sent to the users about why they cannot access the application.
The administrators can create various policies based on the requirement of the groups or departments. For example, for the users of the Marketing Department, you can allow access to File Sharing Applications and Web Browser while restrict access to all other applications. For the Accounts Department, you can allow access to Archive Tools and Web Browsers only.
The Application Control feature is available only in the clients with Windows operating systems.
To create a policy for Application Control, follow these steps:
- Log on to the Seqrite Endpoint Security Web console.
- Go to Settings > Client Settings > Application Control.
- To block access to an application, select the Block unauthorized application when accessed check box.
- If you want to send a notification when a blocked application is accessed, select Notify clients when an unauthorized application is blocked.
- Select either Authorized or Unauthorized to each application category as per your requirement.
You can also customize the setting to the application category by clicking the Custom button. - To save your setting, click Save Policy.
Custom
You can customize the application settings that would authorize or unauthorize specific applications or categories. If you authorize or unauthorize an application category, all the applications listed under that category are either allowed or blocked.
For example, from the application category ‘Email Clients’, you can unauthorize access to ‘Thunderbird’, and ‘MailWasher’ and authorize access to all the other applications. Similarly, for the application version ‘Thunderbird’, you can unauthorize access to ‘Thunderbird 1’ and authorize access to all the other versions of that application.
You can customize the applications in the following way:
- Log on to the Seqrite Endpoint Security Web console.
- Go to Settings > Client Settings > Application Control.
- Under Application Control, click Custom to an application category.Ensure that the option Block unauthorized application when accessed is selected, only then you can click the Custom option.
A list of applications under the selected application category appears.
You can edit the application name, process name and application category by clicking the Edit link. - In the list of applications, select all application names that you want to mark as unauthorized.
- To save your setting, click Save Policy.
Add Application
This feature allows you to add a new application to the default list. Adding and unauthorizing an application or file that belongs to the operating system or other system specific aspects may cause system malfunction. Hence, it is advised to add an application that is not a part of operating system or other system related programs.
You can add an application as follows:
- Log on to the Seqrite Endpoint Security Web console.
- Go to Settings > Client Settings > Application Control.
- In the Add Application section, click the Custom Applications button.
- On the Custom Applications screen, click Add Application.
- To add an application, select the option to either provide a process name or path of the application executable file.
- In the Application Name text box, type an application name.
- In the Application Category list, select a category.You can also write a reason for adding a new application to the default list of applications.
This helps Seqrite to improve the quality of the software product.You can also submit the application metadata to the Seqrite lab. - To add the application, click Add Application.
Submit Application metadata to Seqrite lab
With this option, you can send metadata of an application to the Seqrite lab for including it in the application categories. Metadata includes information of application such as its Name, Version, Company Name, and MD5. You can also provide the reason for adding the application. This information will help us to improve the Application Control module.
Application Categories include thousands of applications based on their functionalities. If you block a category, all the applications in that category are blocked.
However, if you have unauthorized an application category but an application is not yet blocked, you can submit that application. Seqrite analyzes the application and then enlists it in the category.
- User may get application blocked prompt even while copying or renaming any unauthorized application.
- Some unauthorized applications may start in case the application executable is updated due to software update. Such applications can be added to Seqrite Endpoint Security Console and you are recommended to submit the Metadata to the Seqrite lab.