This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jkougoulos
Participant
‎2022-05-19 12:53 PM

Basic application control question

Hello,

I am trying to understand if there is some form of hierarchy in the applications. For example, I see that there is an application called "Cisco Webex Teams" and an application called "Cisco Webex Teams-video".

Reading sk112249 , I get the feeling that "Cisco Webex Teams" is a superset of "Cisco Webex Teams-video".
However, when I create a rule matching "Cisco Webex Teams" and below a rule matching "Cisco Webex Teams-video", I see hits also on the last rule (with the -video).

So, what is the proper way for allowing fully such applications (that have also -xxxxx apps)?

Should I add all applications that start with the application name that I need to allow, or the above mentioned issue could be perhaps of bug?

Is there any kind of secret wisdom based on tags perhaps?

Kind regards,

John

0 Kudos
4 Replies
David_C1
Advisor
an hour ago

No help on answering this (I see it was posted in 2022) but I have struggled with this question as well. If there were some sort of published "this app contains all of these sub-apps" as in your example below, that would be extremely helpful.

Dave

0 Kudos
the_rock
MVP Diamond
MVP Diamond
an hour ago
In response to David_C1

I totally agree Dave. I usually add all the sub-apps available, as that seems to be the most logical approach.

Best,
Andy
0 Kudos
David_C1
Advisor
an hour ago
In response to the_rock

That would be one way to do it - but would you even know which "sub-apps" to add? For instance, which one of these (if any) would be a "sub-app" to Check Point Services:

Check Point products.jpg

 Dave

0 Kudos
the_rock
MVP Diamond
MVP Diamond
44m ago
In response to David_C1

To answer your question Dave, I have no clue in the world, sorry, I just add whatever comes up as sub-app, thats it.

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events