[resolved] Autopilot And Application Rules
1. What logic is used to create new firewall application rules? Is there a whitelist?
2. What insurance is there that an allow rule won't be created for a rogue application? I had this happen and want to prevent this but at the same time do not want to have to use paranoid mode.
Thanks
Comments
-
Hello
Welcome back.
1. We have a large database with known files and publishers. If the file is in that database, the connection is allowed.
2. Rogue applications / Fake Antivirus products don't have a digital signature for the files and the connection will be blocked. Also, if the antivirus engine detects the file as infected, the firewall will automatically deny the connection.
Take care.0 -
Ok, thanks for the response.
0 -
Hello
You are most welcome. If you have other requests, please open a new ticket.
Have a great weekend!0