Environment
App Control Console: All versions (was CB Protection)
Objective
This article will demonstrate how to craft a rule to allow specific users or groups to execute a banned file.
Resolution
It’s important to understand how a rule could potentially impact endpoint security prior to creating it in your App Control environment. If there are any questions please contact your account team so they can engage Professional Services before continuing.
To allow banned file execution please walk through the following steps.
- Navigate to Rules > Software Rules > Custom
- Click 'Add Custom Rule'
- Create a Name
- Select Execution Control
- Complete the Path or File, Process, and User or Group sections
- Make the rule as targeted as possible
- Rank the rule higher than the rule used to ban the file in question