Application Control Events |
Receiving Statistics Configuration To activate sending the information for the Application Control events from the stations 1.In the section, in the network tree select stations and station groups with Application Control installed from which you want to receive information on applications launch. 2.In the control menu, select . 3.On the tab, set the flag to track processes activity at stations detected by Application Control and send events to Dr.Web Server. If there is no connection with Dr.Web Server, events are collected and sent upon connect. If the flag is cleared, processes activity is ignored. 4.Click . To activate collecting the information for the Application Control events at Dr.Web Server 1.In the section, go to the tab. 2.Set one of the following options: • to receive and write information on any activity of all processes: either allowed or prohibited to launch by Application Control. Setting this option will enable registration of applications in the catalog, as long as at least one profile is created and assigned, with one or several categories of functional analysis criteria selected. • to receive and write information on activity of all processes prohibited to launch by Application Control. For this option, applications will be written to the catalog only after creating profiles by the settings of which application launch will be blocked, and assigning these profiles on stations of anti-virus network.
3.Click . 4.Restart Dr.Web Server. 5.After restarting, Dr.Web Server starts collecting statistics on applications launch received from all stations with Application Control installed. Viewing Statistics To view events detected on stations by Application Control component 1.In the hierarchical list select a station or a group. 2.In the control menu select item from the section. 3.The window containing the list of applications which were prohibited or allowed to run at the selected stations will be opened. 4.The statistics for last 24 hours are displayed by default. To view the data for certain time period, specify the certain time period relatively today in the drop-down list, or select the arbitrary date range on the toolbar. To select the arbitrary date range, enter required dates or click the calendar icons next to the date fields. To load data, click . The tables with statistics will be loaded. The table below contains the description of the table columns. Description of the columns in the Application Control Events table
5.To save the table for printing or future processing, click one of the following buttons: , , , .
Creating Rules To create a new rule basing on the event statistics of the Application Control 1.In the section, select a row with the event in the attempt to launch an application for which you want to create the rule for controlling the launch. 2.The table row click opens the window with information on the selected event. 3.Click . 4.The window for creation of a new rule will be opened. Specify the following settings: a)In the drop-down list, select the Application Control profile for which the rule will be created. b)In the filed, specify the name of creating rule. c)For the option, select the type of creating rule: deny or allow. d)For the option, select the operation mode of the creating rule (corresponds the flag at rule creation in a profile): e)In the section (depending on the rule type selected on step 4b), the fields will be automatically specified in accordance with the applications on the base of which the rule is creating. If necessary, you can edit the settings. 5.Click . The rule will be created in the specified profile of the Application Control. |