Hello, Thank you for the feedback etomcat! I'll ask our UX team to take another look at the terminology and colors based on your suggestions. And now that we are here, any thoughts on additional rules you would like us to bring in the future? Any other wishes or requirements for Application Control? Teemu
... View more
We are soon launching Application Control 2.0 for Windows clients with Computer Protection Premium subscription. It prevents execution and installation of applications, and prevents them from running scripts.
Application Control mitigates the risks posed by malicious, illegal, and unauthorized software in the corporate environment. It provides:
Security: Pre-configured security rules designed by F-Secure penetration testers, which cover attack vectors used to breach into corporate environments (part of initial launch).
Policy Enforcement: The administrator can define what applications are blocked, allowed, or monitored, based on a simple rule editor (to be launched in the weeks following the initial launch)
Application Inventory: The administrator can get a comprehensive view of what apps are running on specific devices or in a company (planned to be launched a few months from the initial release)
The policies can be edited in the Profiles view. There is a toggle to enable or disable Application Control. This toggle is on by default, however the rules are disabled.
Global Rule: Defines what is the last rule applied to all applications. In the initial launch, only "allow all applications" is supported. This means that if an application is not blocked by any of the rules, it will be allowed. In next iteration, we will introduce the rule "Block all applications", which allows tighter control of the security of a computer, as anything not explicitly allowed is blocked by default.
Exclusion Table: Each exclusion rule is controlled by an on/off toggle. Exclusion rules in the table are applied in priority order: the first rule is applied first, the second after that, etc.
By default, exclusion rules are turned off. We recommend turning on all security rules provided by F-Secure, as they provide critical extra security. If one of the rules blocks a legitimate application, it will be visible under the security notifications in the Device view. Before the exclusions, simply turn the rule off and inform us, for example with a comment on this post or through the feedback form in the Management Portal.
In the next release, Admin can also create their own exclusion rules, based on various criterion. But more on that closer to the next release.
... View more
We've received quite a lot of questions around ransomware and PSB lately, and how should our users configure their policies to ensure best possible protection against ransomware.
F-Secure Protection Service for Business offers protection against the ransomware, such as WannaCry, on several layers to ensure that the attack can be stopped in multiple points during the attack chain.
The default setting of Protection Service for Business reflect this approach, but to be certain, double-check that the following features are enabled.
Ensure that Browsing Protection in on: Browsing Protection proactively prevents employees from accessing malicious sites hosting ransomware, via phishing emails or links for example, preventing contact with ransomware in the first place.
Ensure that Real-Time Protection in on: Real-time protection ensures that objects accessed by the user are analyzed on the fly with our full security stack.
Ensure that Software Updater is turned on: Our integrated patch management feature, Software Updater, prevents attacks from exploiting vulnerabilities by automatically deploying the related security patches,
Ensure that DeepGuard is turned on: Deepguard provides host-based behavioral analysis and exploit interception that blocks ransomware based on it's malicious behaviour.
Set Firewall Policy to Strict: Firewall prevents ransomware from propagating within the environment and further encrypting files, for example on a file server.
Further advice on how to protect against ransomware can be found here:
... View more