Discovering Dynamic Application Classes

Just as state sets can provide great distinction in levels of policy enforced, dynamic application classes can also provide granular policy manipulation. If you use the dynamic application classes effectively and efficiently, you can simplify the amount of work you need to perform and the number of rules you need to create when tuning processes. In addition to simplifying the number of rules required to maintain your environment, dynamic application classes can provide much stronger security to the endpoint. The following examples describe some common uses of dynamic application classes and Figure 9-3 shows the configuration of a dynamic application class.

• Telnet applications—You can automatically add processes to this class when they attempt to access remote IP addresses over TCP/23.

Limit executable actions after accessing a protected file—You could place processes in a special class after they read or write to a specific folder. You could then limit the capabilities of this process to ensure it cannot transmit files or perform other actions.

Figure 9-3 Dynamic Application Class Configuration

Figure 9-3 Dynamic Application Class Configuration

Was this article helpful?

0 0

Post a comment