1. Choose Activity policy item in the context menu.
2. Switch to Common rules tab in the Application control policy window. Select the System registry protection scope from the drop-down list.
3. Select a file system object in the tree and
• Check the Read checkbox in order to protect the selected system registry object from reading by applications. This will automatically block changing and deletion of the system registry object.
• Check the Write checkbox to protect the selected system registry object from new entries creation and altering by applications.
• Check the Delete checkbox to protect the selected system registry object from being deleted.
4. Right click in the Use for column to change the group of applications which will be affected by the activity control rule:
• All – the rule will be applied to all applications
• Trusted – the rule will be applied to known/trusted applications, which are present in the system profile
• Restricted - the rule will be applied to potentially dangerous – restricted or unknown applications, which are not present in the system profile
5. Right click in the Use for column and choose Additional item.
6. Change following settings in the Additional window:
| • | Users – select the users to be controlled by the rule |
| • | Time – set time periods for the rule to be active. The rule will be active at all times by default |
| • | Exceptions – select applications to be excluded from the rule |
7. Click on OK button in the Additional window to save changes
8. Click on OK or Apply button in the Common rules tab to save new rule and to update Application control policy.
|
