Environment
- App Control Agent: All Supported Versions
- App Control Server: All Supported Versions
Question
Why does App Control randomly reach out to online network locations?
Answer
- The Agent is designed to utilize the Windows Cryptographic API to validate certificates used to sign files.
- Regardless of whether Agent-based certificate revocation checks are enabled, the App Control Server validates certificates in its inventory on a recurring basis to make sure they have not been revoked. This validation generally occurs on a weekly basis and involves downloading Certificate Revocation Lists (CRLs) from Registration Authorities, or making Online Certificate Status Protocol (OCSP) calls to OCSP responders.
- This communication by the Agent/Server will require the endpoint communicating with the Certificate Authority (CA).
- The URL and Port combination required for this communication is determined by the CA and specified in the CRL Distribution Point.
Additional Notes
Related Content