Environment
- App Control (Formerly CB Protection) Console: All Supported Versions
Question
What are the differences between Trusted Path and Trusted Directory?
Answer
Trusted Path:
What it does?
- Allows the execution/promotion of files from a specified path
Pros:
- Files can be instantaneously executed after added
- Locally approving files can be more secure/controlled
- Has little impact on performance
Cons
- Files must be executed from the specified path (may effect ease of use)
- Specified path is trusted on all devices
Trusted Directory:
What it does?
- Globally approves files in a specified path
Pros:
- Once globally approved, files can be executed from anywhere
- Automatically analyzes and approves files that will be written by archive files
Cons:
- Takes time to process approval and send out to agents
- Can be less secure/controlled (execute from anywhere)
- When overused, can cause performance issues
Additional Notes
- How effective and secure a rule is depends on how it's going to be utilized in the environment. Before implementing any rule it's best to review with a dedicated security team and consider all attack vectors.
- More information on Trusted Paths and Directories can be found on page 262 and 425 of the User Guide.
Related Content