Profiles

Profiles define the Application Control settings, which specify whether applications, modules, script interpreters, drivers and MSI packages on stations will be launched or blocked.

Profiles are created by the administrator and are assigned to policies, stations and users, as well as groups of stations or users. Profiles define the Application Control operation mode.

Profiles are configured via the anti-virus network tree:

•All profiles are located in the preinstalled Profiles group.

•Objects with assigned profile are placed nested under this profile in the anti-virus network tree.

To configure Application Control

1.Create a new profile.

2.Configure settings of the created profile.

3.Assign the created profile to necessary objects.

It is recommended that profiles are configured in test mode.

Possible operation modes for profiles:

•Disabled—profile is not active, profile settings are not applied.

•Active—profile is active, settings are applied for objects on which the profile is propagated.

•Test global—profile is active but operates in global test mode. This test mode imitates operation of Application Control with full activity logging (see Application Control Events), but no application is getting blocked.

•Test for rules—profile is active and both functional analysis settings and rules are propagated to objects. However the rules switched to test mode have no impact on applications being blocked. Results of their imitated actions are kept in the activity log (see Application Control Events). The test mode can be enabled or disabled in allow and deny rule settings.

The table below illustrates which options are responsible for specific profile operation mode.

Mode Option	Disabled	Active	Test global	Test for rules
General → Enable profile	–	+	+	+
General → Switch profile to global test mode	inactive	–	+	–
<Mode> → <Rule> → Enable rule	inactive	+/–	+/–	+
<Mode> → <Rule> → Switch rule to test mode	inactive	–	+/–	+

Conventions