Application control

Sir,

If an application is denied by FSPM server by making rule in application control  that no body can use  that application or software ,

if any body tries to use that denied application then where we can get the details of that particular user\host FSPM server.

And an alert will reflect under alert tab in FSPM server or not ?

Comments

  • MJ-perCompMJ-perComp Posts: 1,098 Superuser

    you first need to understand how (current) Application Control is working:
    AC is adding dynamic rules to the Firewall to allow/deny the traffic. So only if that application causes IP-Traffic something is blocked. The simple start/use of an application is not  controlled at all (yet).

     

    As of this implementation you would not like to get a PM-alert for each IP-packet violating the FW-rules, which could be a huge amount. Instead the the firewall logs to local action.log, which enables an administrator to check locally if/why an application is blocked by F-Secure-Firewall.

     

    But what are you trying to do? You seem to have an idea of AC that is not covered by the design...

    Ukko
This discussion has been closed.