Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Rule Processing - Order of Precedence

App Control: Rule Processing - Order of Precedence

Environment

  • App Control (Formerly Cb Protection) console : All Supported Versions

Question

What is the order of precedence for rule processing in App Control?

Answer

The ranking is:
  1. Tamper Protection
  2. Updaters and Rapid Configs
  3. User Created Custom Rules*
  4. Out of the box internal rules for blocking/reporting*

Additional Notes

  • Within Rules > Software Rules > Custom Rules there are out of the box rules that cannot be deleted. User Created rules can either be set above or below the built in rules. One scenario may call for a custom rule to be above the default "Block banned files" or "block unapproved files" and another scenario may call for it to be below. This is so that user rules can override the built in behavior if desired.
  • If a file is locally or globally approved, and a custom execution control rule is written to block the same file (via path/process)- the file would be blocked.

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎09-28-2018
Views:
1050
Contributors