Video Screencast Help

Consistent hash / certificate based exception for Endpoint Protection

Created: 24 Oct 2012
RUSSYM's picture
1 Agree
0 Disagree
+1 1 Vote
Login to vote
Currently hashed can be used for application control and firewall only. Exception for malware are limited to path, filename and extension. In some cases the filename and/or path is changed but the files are the same. In these cases it would be useful that an exception for malware scanning ( Definition based and SONAR /PTP) could be defined by a hash as well. So we can create our own whitelist, that can be used in the complete network. This whitelist could be used for each module. 
filehash1 exception for AV + SONAR / PTP
filehash2 exception for AV + SONAR / PTP + FIREWALL + APPLICATION CONTROL
filehash3 exception for APPLICATION CONTROL

Additionally a certification based exception would be usefull too. Files that were signed by predefined CA's could be excepted as well.