Issue: Is there a way to block users from accessing or running a specific file with Business Suite products such as Client Security and Server Security?Can you for example block C:\Temp\temp.do or even the WithSecure Uninstallation Tool?Resolution: With the help of Application Control file access rules, the admin can block the distribution and execution of a certain file in their environment.When creating the rule, providing only a file hash as a rule condition is enough but may result in performance degradation, because of the need to calculate new digests, especially for big files. To optimize rule performance it is recommended to supply a file size as an extra condition for file access rules. Log in to Policy Manager ConsoleSelect the host or domain from the Domain TreeGo to the Settings tabGo to the Application control pageClick Clone to create a custom profile which can be editedSet the newly created profile as the Host profile Click Add ruleSet Event as File access Set Action as Block Add condition: Target SHA1 - Equals - <file SHA1>Add condition: Target size - Equals - <file size>Click OK to save the ruleDistribute the policy (Ctrl + D)Note: To be able to add the target size condition, you need to have F-Secure Policy Manager 14.30This screenshot shows an example how to configure this in Policy Manager Console. This blocks users from launching a "bad" PDF file containing an exploit.