Allow Mode |
Allow mode means that on all monitored stations, only applications from the list and applications that comply with the allow rules are allowed to run. All other applications are blocked. Allow Mode can be enabled even if only allow rules are enabled. In this case, it works as a complement for functional analysis allowing launching of certain applications from the denied list. For example, if launching applications from network and shared resources is prohibited in functional analysis criteria, but, at the same time, running specific application is allowed in allow rules, than this application will be launched while other applications are still blocked. Allow rules and trusted applications can be configured under the tab in profile properties. To use allow mode 1.Set the flag on the tab. 2.Specify the settings in at least one of its sections: 3.Click .
Allow rules are configured in the section of the profile properties. To create a new allow rule 1.In the section, click on the toolbar. 2.In windows, specify and click . 3.In the rule list, select created rule and specify its settings on the opened properties pane: a)Set the flag to start using this rule. b)If you want to check the rule operation, set the flag. Applications will not be controlled at stations, but the activity log will be written as for enabled settings. Application launch and block results based on a rule in test mode will be displayed in the Application Control Events section. c)In the section, select options according to which the applications launch at stations will be allowed.
4.Click . To create a duplicate of allow rule 1.In the section, in the rules table, select the rule you want to duplicate for this profile. 2.Click on the toolbar. 3.The new rule will appear in the rules table; its settings will be completely copied from the rule selected on step 1. The number is added to the rule name. To delete a deny rule 1.In the section, in the rules table, select the rule you want to remove from this profile. 2.Click on the toolbar. To use trusted applications, perform one of the following actions: •If trusted applications will be collected at your Dr.Web Server (see also Trusted Applications Repository), enable collecting of trusted applications in the section of the Control Center. •If trusted applications will be received on your Dr.Web Server via interserver connection from the neighbor Dr.Web Server, specify corresponding settings in the repositories of Dr.Web Servers sending and receiving the product. Trusted applications of a certain profile are configured in the section of the profile preferences. The section table contains the list of all trusted applications groups assigned to this profile. Trusted applications group (or applications white list) is a list of applications collected by the specified conditions from the selected station or station group. This applications will be allowed to run on stations of the anti-virus network for which this profile is assigned when operating in the allow mode.
To add trusted applications group to a profile 1.In the section, click on the toolbar. 2.The opened window contains all available groups of trusted applications.
3.Set the flags next to the groups you want to add to the profile. 4.Click . To remove trusted applications group from a profile 1.In the section table, set the flags for the groups you want to remove from the profile. 2.Click on the toolbar. 3.Applications of this group will be removed from the list of allowed to run at stations for which this profile is assigned.
|