Allow mode means that on all monitored stations, only applications from the Trusted applications list and\or applications that comply with the allow rules are allowed to run. All other applications are blocked based on functional analysis criteria.
Allow Mode can be enabled even if only allow rules are enabled. In this case, it works as a complement for functional analysis allowing launching of certain applications from the denied list. For example, if launching applications from network and shared resources is prohibited in functional analysis criteria, but, at the same time, running specific application is allowed in allow rules, than this application will be launched while other applications are still blocked.
Allow rules and trusted applications can be configured under the Allow mode tab in profile properties.
To use allow mode
1.Set the Use allow mode flag on the Allow mode tab.
2.Specify the settings in at least one of its sections:
3.Click Save.
|
If neither allow rules nor trusted applications are specified, allow mode will be disabled. |
Allow rules are configured in the Allow mode → Allow rules section of the profile properties.
To create a new allow rule
1.In the Allow rules section, click 
Create rule on the toolbar.
2.In Adding rule windows, specify Rule name and click Save.
3.In the rule list, select created rule and specify its settings on the opened properties pane:
a)Set the Enable rule flag to start using this rule.
b)If you want to check the rule operation, set the Switch rule to test mode flag. Applications will not be controlled at stations, but the activity log will be written as for enabled settings. Application launch and block results based on a rule in test mode will be displayed in the Application Control Events section.
If the Switch rule to test mode flag is cleared, the rule operates in active mode and launches applications at stations by specified rule settings (see also modes of profiles operation).
c)In the Allow the launch of applications on the following criteria section, select options according to which the applications launch at stations will be allowed. In the File name field, specify a file or a directory.
Environment variables and wildcards are allowed. You can do the following:
•Specify file or folder.
▫To add an existing folder or file, enter the full path to the file or folder in the input field.
▫To add a file with a particular name, enter the name and the extension in the input field. If the value of the parameter is not a path, it is treated as a file with the specified name in any directory.
▫C:\folder\file.exe—adds the file.exe file stored in C:\folder. ▫C:\folder—adds all files located in C:\folder and its subfolders. ▫file.exe—adds all files with the name file and the .exe extension located in all folders. ▫file—adds all files with the name file located in all folders without regard for the extension. |
•Use a mask which denotes the common part of object names, at that:
▫The asterisk (*) character replaces any, possibly empty, sequence of characters.
▫The question mark (?) replaces any character (one).
▫C:\Program Files\folder\*.exe —adds applications with the .exe extension in the C:\Program Files\folder folder, including those in its subfolders. ▫C:\Program Files\*\*.exe —adds applications with the .exe extension in subfolders of any nesting level of the C:\Program Files folder. ▫example.exe—adds all applications with the name example and the .exe extension located in all folders. ▫example*—adds all types of applications with the name starting with example located in all folders. ▫example.*—adds all applications with the name example in all folders without regard for the extension. |
•You can add an application by the name of a variable if the name and a value of this variable are specified in the environment variable settings.
%EXAMPLE_PATH%\example.exe – adds an application by the name of a system variable. A name of a system variable and its value can be specified in the operating system settings (for Windows OS: Control Panel → System → Advanced system settings → Advanced → Environment variables → System variables). A name of a variable in an example: EXAMPLE_PATH. A value of a variable in an example: C:\Program Files\folder. |
|
Also you can create allow rules from the Application Control Events and Application Catalog sections basing on the data received from stations. At this, application parameters in the rule settings will be filled automatically according to the selected application. |
4.Click Save.
To create a duplicate of allow rule
1.In the Allow rules section, in the rules table, select the rule you want to duplicate for this profile.
2.Click 
Duplicate rule on the toolbar.
3.The new rule will appear in the rules table; its settings will be completely copied from the rule selected at step 1. The number 1 is added to the rule name.
To delete a deny rule
1.In the Allow rules section, in the rules table, select the rule you want to remove from this profile.
2.Click 
Delete rule on the toolbar.
To use trusted applications, perform one of the following actions:
•If trusted applications will be collected at your Dr.Web Server (see also Trusted Applications Repository), enable collecting of trusted applications in the Administration → Application Control → Trusted applications section of the Control Center.
•If trusted applications will be received on your Dr.Web Server via interserver connection from the neighbor Dr.Web Server, specify corresponding settings in the repositories of Dr.Web Servers sending and receiving the Trusted applications product.
Trusted applications of a certain profile are configured in the Allow mode → Trusted applications section of the profile preferences.
The section table contains the list of all trusted applications groups assigned to this profile.
Trusted applications group (or applications white list) is a list of applications collected by the specified conditions from the selected station or station group. This applications will be allowed to run on stations of the anti-virus network for which this profile is assigned when operating in the allow mode.
|
If your Dr.Web Server receives trusted applications via interserver connection from the neighbor Dr.Web Server (see Trusted Applications Repository), the table of groups may contain records with the icon |
To add trusted applications group to a profile
1.In the Trusted applications section, click Add trusted applications group to the profile on the toolbar.
2.The opened window contains all available groups of trusted applications.
|
When configuring allow mode, trusted applications groups are selected from the list of groups available in the repository for the Trusted applications product. |
3.Set the flags next to the groups you want to add to the profile.
4.Click Save.
To remove trusted applications group from a profile
1.In the Trusted applications section table, set the flags for the groups you want to remove from the profile.
2.Click Remove trusted applications group from the profile on the toolbar.
3.Applications of this group will be removed from the list of allowed to run at stations for which this profile is assigned.
|
When removing from a profile, the trusted applications group itself is not deleted. The group is still available in repository and can be added both to this profile and to other profiles. |