To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

F-Secure Policy Manager: How do I exclude a library from Application Manager

YoinkZ
YoinkZ Posts: 22 Security Scout

Dear All,

 

I have recently installed F-Secure Policy Manager. We need to test this because we wan't to change our AV solution. So far everything looks great, but yesterday I saw a problem I don't know how to solve.

 

Currently we have Application Control enabled and set it to Deny applications by default. We want to monitor it and allow the applications we know is safe (yes we know this will cost a lot of time in the beginning). So my problem is - I have a lot of developers that develop software and every time he creates a new .exe file of their program is generates a new hash (as far as I understand it). So even though I have marked the Application and created a rule that allows it, then next time they compile a new .exe file with the same name shows up and I will have to create a new rule for that one as well.

 

Is is possible for me to exclude a library (network share) where these files are being generated, so I don't have to spent all my time looking in the Application Control?

Comments

  • etomcat
    etomcat Posts: 1,172 Firewall Master

    Hello,

     

    I wonder if it is possible to do something like this, as shown in the attached screenshot?

     

    Best Regards: Tamas Feher, Hungary.

     

    *****************************

     

    appctrl_without_hash.pngPossible workaround?

     

     

     

     

  • YoinkZ
    YoinkZ Posts: 22 Security Scout
    I can for sure give it a try :).

    How would you write the directoy if it is a network share?

    Example: \\Servername\Folder\subfolder\subfolder\file.exe ?
  • YoinkZ
    YoinkZ Posts: 22 Security Scout

    I tried with \\servername\folder\folder\ but that didn't seem to work. The application got caught every time I compiled a new one Smiley Sad.

     

    Any other suggestions?

    If this is not possible I would have to disable Application Control, which is one of the core functions I like in F-Secure.

This discussion has been closed.

Categories