Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

Application control Issues

Hi there we have F-Secure Client Secuity standard version 14.02

We have applied a policy to block iexplorer to test, however it doesn't seem to work?

 

I am not sure what needs to be done?

explorer.png

Best Answer

  • etomcatetomcat Posts: 1,312
    Accepted Answer

    Hello,

     

    I would think Teamviewer is best blocked at the gateway level (in firewall/UTM)? If the remote desktop projection traffic packets cannot get through, then the client becomes useless and harmless, even if it can be started on the endpoint.

     

    If you block it by file name on the endpoint, then user can simply rename the executable. If you block it by the binary file's SHA1 checksum it becomes a lot of work to maintain the blocking table as new minor versions with new hashes emerge.

     

    Best Regards: Tamas Feher, Hungary.

Comments

  • etomcatetomcat Posts: 1,312

    Hello,

     

    Please provide basic info, e.g. which OS do you use?

     

    Since IE is part of the Windows system, I think one cannot realistically expect a user-level program to block it. (Note that F-Secure protection products do not include kernel-mode components, to prevent the possibility of any BSOD occuring due to intereference with the OS's operation).

     

    I think there may be an AD GPO setting to force the use of Edge browser even if the end-user tries to start IE?

     

    Best regards: Tamas Feher, Hungary.

  • NateUHNateUH Posts: 9

    Thanks for that, 

     

    In which case how would I go about blocking something like TeamViewer.exe?

  • VadVad Posts: 1,048

    Hello NateUH,

     

    Regarding your initial question. Application control is CS Premium feature. You can find this in the Release notes.

     

    Best regards,

    Vad

    etomcatNateUH
This discussion has been closed.