Deep Guard Application monitor

mmartinez

Hi:

I am using fs protection 16.1 and have the following question:

Is there way to add an applicative manually to the "Deep Guard" Monitor?

If yes, how do I add it?

If no, why not?

I would be nice If one could add an applicator of choice,

Thank you

Mario

Ukko

Hello,

 

Sorry for my reply.

 

It's not possible to do with DeepGuard (and not possible to do with FS Protection home PC).

 

Something as explanation for that..... DeepGuard it's not really as application monitor (or application control module). It's more, than something "just one layer from traditional HIPS/behavior/advanced"-technologies/techniques.

Complex-protection with various layers around DeepGuard (which can be as ruler for various of advanced-based technologies). It's mean DeepGuard can not be classical application control solution or sandbox... just because DeepGuard have best of "powerful sides" from current things, but realization comes with another meanings. Also there additional layers for DeepGuard (which not related with application control).

 

But... with current design...  DeepGuard work with all (probably except "list of trusted applications" or during "incompitible mode") application. Such as DeepGuard checking/monitoring all of applications/executables and other. If something goes to be "suspicious" for DeepGuard - FS Protection will create prompt about it... and user can to manually choose "what to do now"  (trusted or not.... application and action).

If something goes to be "malicious" for DeepGuard - Fs Protection will create notification about "blocked" threat/malicious try or related things.

 

It's mean... if DeepGuard does not trigger any notifications... so... application safe.. or malicious application comes with "tricks" (or high-level designed).... or DeepGuard thought that it was valid action.

But DeepGuard goes to check/monitoring for each process (?) and each application, which goes to be launched.

 

 

Which main reason for you (with thoughts)....  to use DeepGuard as Application control with manual "choice" to add application under block-list ?!

Such as... DeepGuard and applications permissions goes to be restricted, but it's not really related with "some of features". Simply application will be prevented for launch. Maybe it's can be helpful as parental feature (?!)... such as if you want to block launching some of application? Because.. if there just about protection-meanings. So maybe... more nice.. do not launch any of malicious/suspicious application. Anyway will be nice to understand... which reasons there.

 

Sorry for my reply... not nice English... and just suggestions.

Maybe F-Secure team will provide normal answer (tomorrow?) and it's will be more helpful.

I just decided to create current words, because thought around same things.

 

 

 

mmartinez

thank you for replying, I underrated now
Mario