Test Mode |
In order to make sure that configured profile or rule works correctly, you can use the test mode, which imitates Application Control actions. In this mode, applications are not actually blocked but all activity is getting logged (see Application Control Events), as if the profile or rule was working as usual. To enable test mode for a profile 1.In the section of profile properties, set the flag to start using a profile. 2.Set the flag . 3.Click . A profile in test mode will have the icon in group of the anti-virus network tree. On workstations that have such profile assigned to them, no applications will be blocked based on specified functional analysis criteria, allow or deny rules. Instead, respective statistics will be logged in the section. This log keeps detailed information about each started application, which you can review and use to tailor profile settings for your needs. Once you make sure that tested profile operates as you need, it needs to be switched from test mode to active mode. Active profile has the icon in group of the anti-virus network tree. To disable test mode for a profile 1.In the section of profile properties, clear the flag . 2.Click . Test mode can also be used to check how specific allow or deny rules work in a profile, without switching the profile entirely. To enable test mode for allow or deny rule in a profile 1.In the or section of profile properties, select the rule you created and would like to test. 2.In the opened rule settings, set the and flags. 3.Click . In this mode, applications started on workstations will be blocked but only according to functional analysis criteria and the rules that were not switched to test mode. Allow and deny rules in test mode will work similarly to profiles in this mode, meaning that their settings have no impact on applications being blocked, but each imitated trigger of a rule gets into activity log in the section.
Once you make sure the rule you are testing works properly, it needs to be switched from test mode to active mode. To disable test mode for allow or deny rule in a profile 1.In the or section of profile properties, select the rule you are testing. 2.In the opened rule settings, clear the flag. 3.Click . |