Application control Issues

Hi there we have F-Secure Client Secuity standard version 14.02

We have applied a policy to block iexplorer to test, however it doesn't seem to work?


I am not sure what needs to be done?


Best Answer

  • etomcatetomcat Posts: 1,318 Superuser
    Accepted Answer



    I would think Teamviewer is best blocked at the gateway level (in firewall/UTM)? If the remote desktop projection traffic packets cannot get through, then the client becomes useless and harmless, even if it can be started on the endpoint.


    If you block it by file name on the endpoint, then user can simply rename the executable. If you block it by the binary file's SHA1 checksum it becomes a lot of work to maintain the blocking table as new minor versions with new hashes emerge.


    Best Regards: Tamas Feher, Hungary.


  • etomcatetomcat Posts: 1,318 Superuser



    Please provide basic info, e.g. which OS do you use?


    Since IE is part of the Windows system, I think one cannot realistically expect a user-level program to block it. (Note that F-Secure protection products do not include kernel-mode components, to prevent the possibility of any BSOD occuring due to intereference with the OS's operation).


    I think there may be an AD GPO setting to force the use of Edge browser even if the end-user tries to start IE?


    Best regards: Tamas Feher, Hungary.

  • NateUHNateUH Posts: 9

    Thanks for that, 


    In which case how would I go about blocking something like TeamViewer.exe?

  • VadVad Posts: 1,051 F-Secure Employee

    Hello NateUH,


    Regarding your initial question. Application control is CS Premium feature. You can find this in the Release notes.


    Best regards,


This discussion has been closed.