Deployment Options
Anti-Executable Service provides the following deployment options based on your requirement:
Deployment Option | When to use | Configuration Options |
|---|---|---|
Staged Deployment | When you are not aware about the files used by the users across your network. Anti-Executable Service collects information about the files launched by the users on their computers. | Stage 1 – Audit only: Logs which files are launched by the users or the system. It is recommended to leave stage 1 for 7-30 days to collect information about all the files used on the computers. Go to the Anti-Executable Dashboard to define which files are to be Allowed or Blocked in the Policy Control List. All files are allowed to run in this stage. Stage 2 – Partial Protection: The Policy Control List is enforced. All files not specified in the Policy Control List (Unknown Files) are allowed and reported as violations in the Anti-Executable Dashboard. Final Stage – Full Protection: The Policy Control List is enforced. All files not specified in the Policy Control List (Unknown Files) are blocked and reported as violations in the Anti-Executable Dashboard. |
Deploy on newly installed or imaged computer environment | When it is a clean computer with known programs and all files can be Allowed. This will create a Local Control List of all files present on a computer. | To globally block files on computers, add those files as Blocked in Policy Control List. Unknown files are Blocked and violations are reported in the Anti-Executable Dashboard. |
Custom Deployment | Create your own custom configuration. | You can create custom configuration for the following: • Files in the Policy • Files on the computer • Unknown files on the computer |