Trend Micro Worry-Free Business Security services comes standard with application control rules. In a recent update it’s been much improved and easier to administer.
These come in handy when you decide you want to block certain types of applications that may be malicious, like file sharing or keyloggers or proxies. It can also be used to block software you don’t want used in your office, like say, music streaming to protect your bandwidth.
Let’s start with blocking.
Decide what you want to block. Click Add a Rule and give it a name. From the dropdown choose Gray Software List. When you select Manage Applications, you’ll see that Trend has prepopulated the most common grayware applications for you to choose from, like proxy anonymizers or packet analyzers, etc. You can block all or select from the list.
If you have something that doesn’t show up in the prepopulated lists, you can select from the dropdown “Files or folder paths” and enter in the location that the application in question normally runs from. You can also use hash value if you know it.
There is also a Certified Safe Software list you can peruse in case there’s anything you want to block for non-security reasons, like games or encryption software.
What’s cool is you can do the same thing on the flip side and allow any of these things. You typically would want to do this if by default Trend was blocking applications your end users needed. The odds are you won’t use the Allow feature all that much.
Using these features truly simplifies your administration of end user programs because it eliminates the need for complex Group Policies. Even if you currently have a more open environment and don’t believe you have an issue with these types of grayware, I encourage you to proactively block some of these anyway. It will help you prevent any malware entry points, the violation of software licensing by your end users, and could assist in minimizing channels for data loss.
For step-by-step documentation on how to do this, here’s Trend’s knowledgebase article.