Application control Issues

Aspirant

Application control Issues

Hi there we have F-Secure Client Secuity standard version 14.02

We have applied a policy to block iexplorer to test, however it doesn't seem to work?

 

I am not sure what needs to be done?

explorer.png

1 ACCEPTED SOLUTION

Accepted Solutions
Superuser

Re: Application control Issues

Hello,

 

I would think Teamviewer is best blocked at the gateway level (in firewall/UTM)? If the remote desktop projection traffic packets cannot get through, then the client becomes useless and harmless, even if it can be started on the endpoint.

 

If you block it by file name on the endpoint, then user can simply rename the executable. If you block it by the binary file's SHA1 checksum it becomes a lot of work to maintain the blocking table as new minor versions with new hashes emerge.

 

Best Regards: Tamas Feher, Hungary.

4 REPLIES 4
Superuser

Re: Application control Issues

Hello,

 

Please provide basic info, e.g. which OS do you use?

 

Since IE is part of the Windows system, I think one cannot realistically expect a user-level program to block it. (Note that F-Secure protection products do not include kernel-mode components, to prevent the possibility of any BSOD occuring due to intereference with the OS's operation).

 

I think there may be an AD GPO setting to force the use of Edge browser even if the end-user tries to start IE?

 

Best regards: Tamas Feher, Hungary.

Aspirant

Re: Application control Issues

Thanks for that, 

 

In which case how would I go about blocking something like TeamViewer.exe?

Superuser

Re: Application control Issues

Hello,

 

I would think Teamviewer is best blocked at the gateway level (in firewall/UTM)? If the remote desktop projection traffic packets cannot get through, then the client becomes useless and harmless, even if it can be started on the endpoint.

 

If you block it by file name on the endpoint, then user can simply rename the executable. If you block it by the binary file's SHA1 checksum it becomes a lot of work to maintain the blocking table as new minor versions with new hashes emerge.

 

Best Regards: Tamas Feher, Hungary.

F-Secure
F-Secure

Re: Application control Issues

Hello NateUH,

 

Regarding your initial question. Application control is CS Premium feature. You can find this in the Release notes.

 

Best regards,

Vad