Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create an Application Control Policy

You can create Application Control policies to control the use of specific applications on your end users' machines, or endpoints by selecting the applications to allow and deny users from executing on their machines.

To create an Application Control Policy:

  1. Go to Policy > Application Control.
  2. Click Actions > Create Policy
    app_control_policy_1_5.5.2.png
  3. Name. Enter a unique name for the policy and an optional description. 
  4. Available for Continuous Evaluation. The Continuous Evaluation checkbox is activated by default. The policy is available in Continuous Evaluation mode for Security Configuration Audit.  
  5. Policy Mode. Select Observe or Enforce. 
    • Observe. In Observe Mode, all applications are allowed. Activities are reported when the applications that are not specifically selected as part of the policy are executed. You can notify users about the status of the application without preventing them from using it.
    • Enforce. In Enforce Mode, all applications that are not selected as part of your policy are blocked from users executing them. All activities are reported for the blocked applications.  
  6. Applies to.
    • VMs. Select if your policy applies to Virtual Machines. 
    • Containers. Select if your policy applies to Containers. 
  7. Platform. Currently, only Linux is supported. 
  8. Accounts. Click to select the accounts that your policy will apply to. You can select a whole service instance, or select just a specific account under that service. If you select the whole service instance, accounts added later are selected by default. Click Done when finished. 
  9. Tags. Select any tags you want to use for your rule, and enter one or more key-value pairs. 
    app_control_policy_2_5.5.2.png
  10. Click Next
  11. IF Applications is one of. Click to select applications, then click Done. 
  12. THEN: If you select Observe Mode, then the policy allows all applications and creates an activity for unselected applications. If you select Enforce Mode, then the policy allows only selected apps, and blocks and creates an activity for unselected apps.
    • Observe Mode. For Observe Mode, THEN is Allow Selected Applications AND Create an Event
      app_control_policy_3_5.5.2.png
    • Enforce Mode. For Enforce Mode, THEN is Allow Selected Applications And Block Unselected Applications AND Create an event
      app_control_policy_enforce_5.5.2.png
  13. Click Next
    app_control_policy_4_5.5.2.png
  14. Review your policy and click Save
     
  • Was this article helpful?