PDA

View Full Version : Program Control



deano
2006-08-01, 05:48
Has anyone used program control within Integrity 6.5?

I'm trying to use it but it seems to be ignoring any rules i setup,

Anything unusual i should know?

Cheers

Dean

RobertGraham
2006-08-02, 13:43
Could you post the rule? We played with it and it seemed to work fine.

Make sure that the systems you are dealing with are in the Trusted Zone. If you only block to the Internet Zone and have nothing in your Trusted Zone, it will only block.

Also, you want to watch out that you don't allow a client program like telnet to have server access since this doesn't make sense. You then have no way to test this.

Also, it sounds like things are allowed that you expect to be blocked - not that things are blocked you expect to be allowed. Please confirm this.

Once you get this up, I'll take a look and try to help.

deano
2006-08-04, 08:33
Things are being blocked that i expect to be allowed,

For example, first rule on my program control is Internet Explorer, its firewall rule is Client Any Any yet internet explotrer does not let me browse...

Attached a screen shot...

Thanks for your help

Deano

kva.kva
2006-08-04, 08:39
Are you sure that its your version of IE? What client do you use? If flex - check log on client - may be your personal policy disables IE. What do you see in Integrity server's log?

deano
2006-08-04, 09:36
Yep thats def the correct version of IE, integrity actually detected that version of IE on the client. Personal policy doesnt disable IE either. Using the Zone Labs Integrity Agent as the client.

kva.kva
2006-08-04, 09:42
What do you see in server's log? May be you define incorrect Entity. Do you have Global program's perpmissions?

deano
2006-08-10, 07:55
I havnt setup any Global Program Permissions, shouldnt need to should i?

RobertGraham
2006-08-14, 20:15
No, you shouldn't need to set it up globally. You might try doing this just in case it's a bug specific to your environment.

Also, HFA03 came out on Friday. You might try downloading that from the CHKP website just to get the client software. Try installing that and seeing if it helps.


Also, this sounds dumb but did you make sure to deploy the policy and restart the client?