Skip to main content
Matrix42 Self-Service Help Center

Setting up Application Control to make Empirum the only one trusted installer

ID: 18122601
Languages: EN
Components: EgoSecure Server, EgoSecure Agents
Operating system: Windows

Task

The integration of Matrix42 Empirum and EgoSecure Application Control - allows to automate and extend the administration options in your company. Via the central management tool of the EgoSecure Server - the EgoSecure Management Console - you can setup the Application Control module in the Trusted installer package mode.

Solution

1. Adding Empirum to trusted installers

  1. Open the EgoSecure Management Console and navigate to Product settings | Applications | Trusted installer.
  2. Click Add installer on the toolbar.
    ⇒ The Search files dialog appears.
  3. Select a local computer or an online Agent computer to scan for the Empirum executable files.
  4. Click Search.
    ⇒ Scanning on logical disks starts.
  5. Once the scan finishes, select an installer.
  6. Click Add.
    ⇒ Installer is added to the list.
  7. Click Save.

2. Enabling the Trusted installer engine

  1. Go to Computer management | Applications and select a computer.
  2. Under the Trusted installer tab, check the Enable trusted installer engine box.
    For enabling the Trusted installer engine, the Application Control license is not required.

    TI engine.png
     
  3. Click Save.

    ⇒ Computer scanning for executable files on logical disks starts. As a result, a list of currently installed applications (initial list) and the monitoring of applications installed by the Trusted installer starts.

3. Assigning the Trusted installer package

  1. Under Computer management/User management | Applications, select a directory object.
  2. In the Applications tab, enable the Trusted installer package radio button.

    TI.png
     
  3. Click Save.

    ⇒ From now on, application installations are allowed only to the specified Trusted installers and to applications from the initial list. The initial list is not updated in real time, which means that if an application from the initial list is updated by a non-trusted installer, such an application will be forbidden (its hash value changes).