Creating an application category that includes executable files from selected devices
Expand all | Collapse all
You can use executable files from selected devices as a template of executable files that you want to allow or block. Based on executable files from selected devices, you can create an application category and use it in the Application Control component configuration.
Make sure that the following prerequisites are met:
To create application category that includes executable files from selected devices:
- In the main menu, go to Operations → Third-party applications → Application categories.
The page with a list of categories of executable files is displayed.
- Click the Add button.
The New category wizard starts. Proceed through the wizard by using the Next button.
- On the Select category creation method step, specify the category name and select the Category that includes executable files from selected devices. These executable files are processed automatically and their metrics are added to the category option.
- Click Add.
- In the window that opens, select a device or devices whose executable files will be used to create the application category.
- Specify the following settings:
- Hash value computing algorithm
Depending on the version of the security application installed on devices on your network, you should select an algorithm for hash value computing by Open Single Management Platform for files in this category. Information about computed hash values is stored in the Administration Server database. Storage of hash values does not increase the database size significantly.
SHA256 is a cryptographic hash function: no vulnerabilities have been found in its algorithm, and so it is considered the most reliable cryptographic function nowadays. Kaspersky Endpoint Security for Linux supports SHA256 computing.
Select either of the options of hash value computing by Open Single Management Platform for files in the category:
- If all instances of security applications installed on your network are Kaspersky Endpoint Security for Linux, select the SHA256 check box.
Select the MD5 hash check box only if you use Kaspersky Endpoint Security for Windows. Kaspersky Endpoint Security for Linux does not support the MD5 hash function.
The Calculate SHA256 for files in this category (supported by Kaspersky Endpoint Security 10 Service Pack 2 for Windows and any later versions) check box is selected by default.
The Calculate MD5 for files in this category (supported by versions earlier than Kaspersky Endpoint Security 10 Service Pack 2 for Windows) is cleared by default.
- Synchronize data with Administration Server repository
Select this option if you want that Administration Server periodically to check changes in the specified folder (or folders).
By default, this option is disabled.
If you enable this option, specify the period (in hours) to check changes in the specified folder (folders). By default, scan interval is 24 hours.
- File type
In this section, you can specify file type that is used to create the application category.
All files. All files are taken into consideration when creating the category. By default, this option is selected.
Only files outside the application categories. Only files outside the application categories are taken into consideration when creating the category.
- Folders
In this section you can specify which folders from the selected device (devices) contain files that are used to create the application category.
All folders. All folders are taken into consideration for the creating category. By default, this option is selected.
Specified folder. Only specified folder is taken into consideration for the creating category. If you select this option you must specify path to the folder.
When the wizard finishes, the category of executable files is created. It is displayed in the list of categories. You can use the created category when you configure Application Control.
Page top
[Topic 184076]