F-Secure Application Control: Part 2

F-Secure’s Application Control allows the active blocking of scripts hidden in malicious files and documents (see related article here), but this is not its only feature. The Application Control module also allows the control of recognised application by implementing block rules based on specified criteria. Multiple criteria can be defined per rule for more control.

These criteria include, but are not limited to the following:

Developer/Company name

Application Description

Copyright

Digital Signature (Signer Name)

Application Product Version

The above examples are the properties of Google’s Chrome web browser on MS Windows. All applications have these properties and can be viewed by right-clicking the main runtime file (exe, msi, etc.). The copyright and digital signer’s name prove the legitimacy of an application and are usually the same for all products released by the developer, in this case, Google.

In most environments, business or home, Google and related products can be trusted without fear. On the other hand, there are types of applications which should be restricted due to the potential threat they pose on security and privacy or if it’s been prohibited from use. These applications can generally be blocked by a firewall but with the growth of portable workstations, aka laptops in the workplace, users won’t always be within the secure confines of the office network. Application Control allows 24/7 control of the applications running on managed devices.