Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

How to configure Integrated Application Control (iAC) to send all application events to the server

    • Updated:
    • 22 Aug 2019
    • Product/Version:
    • Platform:
    • N/A N/A
Summary

Configuring Application Control to send all encountered application of an endpoint can help the administrators determine what software and applications are regularly being accessed by the end-user of that machine. The data, which can serve as machine’s application control inventory, can later be used when building the Application Control criteria of “approved” and “unauthorized” software and applications.

Details
Public

To configure Application Control:

  1. Log onto the Apex Central Web Management Console.
  2. Go to Policies > Policy Resources > Application Control Criteria.

    Configure iAC

  3. Click +Add Criteria and select "Block".

    Configure iAC

  4. Apply the following configuration:

    NAME: Default “Catch-All”
    MODE: Enable assessment mode
    MATCH METHOD: File Paths
    PATH: Any built-in storage
    TYPE: String
    VALUE: *

    Configure iAC

  5. Click Save.
  6. Go to Policies > Policy Management.
  7. Select "Product: Apex One Security Agent".
  8. Create or Edit Policy and go to the Application Control Settings.
  9. Under User-Defined Rules, click the All user accounts.

    Configure iAC

  10. In the Assign Rule dialog box, click the Default “Catch-All” to move it to the Selected criteria.

    Configure iAC

  11. Click Ok to finish and return to Edit Policy page.
  12. Uncheck the “Display a notification when an application is blocked” checkbox.

    Configure iAC

  13. Click Deploy to apply the policy to target endpoints.

After deploying the policy, administrators can generate Log Query of Application Control violations within the next few hours. The result can be filtered to display only violations that fell under the Default “Catch-All” application control criteria by clicking the Show advance filters and configuring the correct criteria.

Configure iAC

 

Use the Customize Columns to display the Matched File Path column to know where the application was executed on the endpoint.

Configure iAC

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1123538
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.