Application Configuration
  • 18 Oct 2020
  • 1 Minute To Read
  • Print
  • Share
  • Dark
    Light

Application Configuration

  • Print
  • Share
  • Dark
    Light

Configuration > Applications page allows the SecureCircle Server Administrator to manage how new and existing applications are trusted based on their signature and name criteria.

application1.png

Security

Allow All and Allow by Certificate functions determine if an application/process passes validation and is allowed to read data in plain text.

  • Allow All - This will skip the validation for applications when the server calls to get file information upon file operations from the endpoint. So while an application will get added to the Applications list, the server will not check if the application is valid before opening the file. Protected files will open based entirely on user/device permissions.
  • Allow by Certificate - Unlike the Allow All setting, this function does check for application validation before allowing the applications to open files. Based on the additional arguments checked, the application will be denied if it does not meet any of the arguments selected. Additionally as above, the protected files will rely on the application's trusted state (Enabled or Disabled).
    • In order to open a protected file, the application must both be Enabled, and must pass validation based on the above criteria.

Trust by Default

Trust by default simply means whether or not applications are Enabled or Disabled by default when they are added to the Applications list.

  • Allowed signatures - Any application that has the same signature as an already-enabled application will be added as Enabled. All other applications will be Disabled unless they meet the criteria of another setting.
  • Allowed names - Any application that matches the name of another application that is already on the server will be automatically set to Enabled. All other applications will be Disabled unless they meet the criteria of another setting.
  • New Applications - Any application that has never been seen before falls under this category. These new applications will default to Enabled on the server Applications list. All other applications will be Disabled unless they meet the criteria of another setting.
    • It is important to note while this setting is good at recognizing and enabling new applications when setting up a new environment, this can lead to some complications if Operating System applications or processes such as Explorer.exe or Finder get added as Enabled. It is advised to hand-pick applications that are allowed to view the plain text data of protected files for a production environment.
Was This Article Helpful?