Excluding specific application actions from application control rules in a local interface
January 10, 2024
To exclude specific application actions from application control rules:
- On the protected virtual machine, open the application settings window.
- In the left part of the window, in the Endpoint control section, select Application Privilege Control.
In the right part of the window, the Application Privilege Control component's settings are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.
- Click the Applications button.
The Applications window opens on the Application Privilege Control rules tab.
- In the list of applications, select the desired application.
- Open the application context menu and select Application rules.
The Application control rules window opens.
- Select the Exclusions tab.
- Select the check boxes next to application actions that do not need to be monitored or that need to be allowed:
- Do not scan opened files.
- Do not monitor application activity.
- Do not inherit restrictions of the parent process (application).
- Do not monitor child application activity.
- Allow interaction with application interface.
- Do not scan network traffic.
If you selected the Do not scan network traffic check box, you can use the links in the lower part of the window to configure the following settings for scanning traffic transmitted for this application:
- Exclude all traffic or only encrypted traffic from scans.
- Exclude from scans the traffic transmitted for this application from any IP address or only from specified IP addresses.
- Exclude from scans the traffic transmitted for this application from any or only from specified ports.
You can modify these settings by clicking the link.
- In the Application control rules window, click OK.
- In the Applications window, click OK.
- To save changes, click the Save button.