Trusted Applications |
Trusted Applications Management Trusted applications group (or applications white list) is a list of applications collected by the specified conditions from the selected station or station group. This applications will be allowed to run on all stations of the anti-virus network on which they are added to the profile of the Application Control component operating in the allow mode. Collection of information required to form a group of trusted applications is a demanding procedure, which, based on specified conditions, can have a significant impact on involved computer's performance. In order to reduce load on anti-virus network workstations, information shall be collected using one or several reference workstations, i.e. computers deliberately assigned with this task. An ideal candidate for this job would be a computer with newly installed operating system, latest updates and all the required software. To manage trusted applications on Dr.Web Servers collecting the information, open the Administration → Application Control → Trusted applications section. The section table contains the list of all actual trusted applications groups. The following control buttons are available on the toolbar:
To create a new trusted applications group 1.In the Trusted applications section, click 2.In the General windows, specify the following settings: •Group name—the name of creating trusted applications group. •Description—optional arbitrary description of creating group. Click Next. 3.In the Parameters for adding applications to trusted window, configure the settings according to which applications at stations will be added to the creating group of trusted applications (at least one setting must be selected in each category): Set the Set low priority for information collection process flag if information for created group of trusted applications is collected on a workstation, whose system resources must not be fully occupied with this task.
•Search scope—set the flags for the areas where the information on applications will be collected.
•Type of hashes to add—set the flags for objects whose hashes will be written into creating group of trusted applications. •File categories—set the flags for objects that will be considered during search. Click Next. 4.In the network tree, select stations and station groups to collect information on applications for the trusted list. To select several groups and stations, use ctrL and shift. Set the Do not consider nested groups flag to collect information on stations only in the selected group. If the flsg is cleared, information will be collected on all stations in the selected group and its subgroups. 5.Click Save. 6.The collection of information about applications at the stations will start according to the settings specified. The process may take a long time to complete. Information on the state and updates of trusted application group you can find: •in the general table of the Trusted applications section, •in the additional information on group that is opened when clicking the group row in the general table of the Trusted applications.
To start the update of trusted applications group 1.In the Trusted applications section table, set the flags for the groups you want to update. 2.Click To delete trusted applications group 1.In the Trusted applications section table, set the flags for the groups you want to delete. 2.Click 3.Applications of this group will be removed from the list of allowed to run at stations, and collecting applications for the list of trusted by conditions of this group will be stopped.
To remove information about applications on a certain station from the trusted applications group 1.In the Trusted applications section table, click the line with the applications group from which you want to remove the information about applications on station. 2.In the opened window, in the stations table, set the flags for stations for which you want to remove information about applications. 3.Click
Trusted Applications Repository
If your anti-virus network running several Dr.Web Servers under interserver connection, to facilitate the collection of information, it is possible to distribute the load between your Dr.Web Servers as follows: •Administrator collects information from protected stations on one of Dr.Web Servers. Information automatically placed into the Dr.Web Server repository in the Trusted applications product and propagated via interserver connection according to the specified settings. Information on trusted applications may be collected on several Dr.Web Servers of the network, but network segments served by these Dr.Web Servers must be isolated from each other. •Other Dr.Web Servers get the Trusted applications product update via interserver connection according to the specified settings. You do not need to configure trusted applications collecting on these Dr.Web Servers, because revisions of the product received from the neighbor Dr.Web Server will be placed in the repository.
Before collecting Trusted applications, define which Dr.Web Servers will collect information and send it to neighbor Dr.Web Servers, and which—receive it via interserver connection. Depending on this, you must configure corresponding settings on each of the Dr.Web Servers. To configure Dr.Web Servers collecting and sending trusted applications 1.Open the Administration section. 2.Go to the Detailed repository configuration → Trusted applications section. 3.On the Synchronization tab, clear the Prevent sending updates to neighbor Dr.Web Servers flag and set the Prevent receiving updates from neighbor Dr.Web Servers flag. 4.Click Save. 5.Go to the Administration → Application Control → Trusted applications section and configure collecting of trusted applications as described below. 6.New revision of the Trusted applications product is written to the repository after receiving information from all stations specified in the settings for collecting group of trusted applications. After writing the product revision to the repository, it is propagated via interserver connection to the neighbor Dr.Web Servers. To configure Dr.Web Servers receiving trusted applications 1.Open the Administration section. 2.Go to the Detailed repository configuration → Trusted applications section. 3.On the Synchronization tab, clear the Prevent receiving updates from neighbor Dr.Web Servers flag. If Dr.Web Server should send the Trusted applications product to other Dr.Web Servers via interserver connection, also clear the Prevent sending updates to neighbor Dr.Web Servers flag. 4.Click Save. |