If an application is denied by FSPM server by making rule in application control that no body can use that application or software ,
if any body tries to use that denied application then where we can get the details of that particular user\host FSPM server.
And an alert will reflect under alert tab in FSPM server or not ?
you first need to understand how (current) Application Control is working:
AC is adding dynamic rules to the Firewall to allow/deny the traffic. So only if that application causes IP-Traffic something is blocked. The simple start/use of an application is not controlled at all (yet).
As of this implementation you would not like to get a PM-alert for each IP-packet violating the FW-rules, which could be a huge amount. Instead the the firewall logs to local action.log, which enables an administrator to check locally if/why an application is blocked by F-Secure-Firewall.
But what are you trying to do? You seem to have an idea of AC that is not covered by the design...
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link: