To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Application control

Options
ravi12
ravi12 W/ Alumni Posts: 57 Security Scout
in Business Suite

Sir,

If an application is denied by FSPM server by making rule in application control  that no body can use  that application or software ,

if any body tries to use that denied application then where we can get the details of that particular user\host FSPM server.

And an alert will reflect under alert tab in FSPM server or not ?

Comments

  • MJ-perComp
    MJ-perComp W/ Alumni Posts: 669 Firewall Master
    Options

    you first need to understand how (current) Application Control is working:
    AC is adding dynamic rules to the Firewall to allow/deny the traffic. So only if that application causes IP-Traffic something is blocked. The simple start/use of an application is not  controlled at all (yet).

     

    As of this implementation you would not like to get a PM-alert for each IP-packet violating the FW-rules, which could be a huge amount. Instead the the firewall logs to local action.log, which enables an administrator to check locally if/why an application is blocked by F-Secure-Firewall.

     

    But what are you trying to do? You seem to have an idea of AC that is not covered by the design...

This discussion has been closed.

Categories