Application Grouping

What is application grouping?

With Application Grouping in Endpoint Central, administrators can create logical groups or categories to organize applications based on different criteria such as department, role, function, or any other relevant classification. This grouping allows for better visibility and control over the applications being used within the organization. There are two main types of listing namely Allowlist and Blocklist. 

What is application allowlisting?

Application allowlisting, also known as trusted application control is designed to enhance endpoint security by allowing only pre-approved applications to run on endpoints, while blocking all other software. With application allowlisting, organizations can enforce strict control over the applications executed on their endpoints, reducing the risk of malware infections and unauthorized software installations. By creating a list of trusted applications and permitting only those to run, Endpoint Central ensures that endpoints remain secure and protected from potential threats.

What is application blocklisting?

Application blocklisting helps organizations prevent the execution of unauthorized or potentially malicious applications on their endpoints. With Endpoint Central, administrators can create a blocklist of specific applications that they want to restrict from running on protected systems. By maintaining this blocklist, administrators can proactively safeguard their endpoints from known security risks, such as malware or unauthorized software. Application blocklisting in Endpoint Central provides centralized control and allows organizations to enforce strict security policies, reduce the attack surface, and mitigate potential threats to their IT environment.

How to associate applications with custom groups?

1. Log in to the Endpoint Central web console with administrative privileges.
2. Navigate to the App Ctrl tab.
3. Go to Manage and select Application groups to create an Allowlist or Blocklist.
4. Under Deployment, go to Deploy Policy and create a custom group or select an already existing custom group.
5. Select the already existing application group that needs to be associated with the custom group.
6. If required, enable the option to Associate the privileged application list.
7. Select the required option to run the applications either on Audit mode or Strict mode.
8. Enable Custom notifications and Alert message according to your preference.
9. Click Deploy or Deploy immediately.

You have successfully associated applications with custom groups. By associating applications with custom groups in Endpoint Central, you can create logical groupings that allow for easier management, access control, and reporting. This association enables you to define policies, permissions, and restrictions at the group level, providing granular control over the applications used within your organization.

How to enable child process?

A child process is a process invoked by any running application. The child process executed at times can be vulnerable, and in such critical scenarios, we need a feature that allows authentic applications to trigger child processes. The child process feature in Endpoint Central provisions reliable applications to invoke child processes, thereby keeping security breaches at bay.

To configure child process, follow the steps given below:

1. Login to the Endpoint Central web console and navigate to App Ctrl.
2. Under Manage, select Child Process.
3. In the Global Child Process Configuration, select the applications that will be able to run child processes.
4. Click Apply.

You have successfully enabled a child process.

Note: If you are unable to access this module in Endpoint Central Cloud, kindly contact Endpoint Central Cloud Support.