cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 4

AppControl and the software review board

Jump to solution

good morning.

I'm looking to see how people integrated their software review board into the AppControl process.  How do you get testers of trial software to install their applications and/or review the software?  How do you get software developers, who develop off network to integrate their software into the network?  Looking for any and all thoughts on how to best integrate all of that into an appcontrol process that we are developing.

Trusted installer user accounts are not an option for us so, yeah, it's a little harder than we had thought it would be.

Thanks in advance for any and all information!

2 Solutions

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: AppControl and the software review board

Jump to solution

Hello @mlajoie 

Are those application properly signed and can you use their certificates to add them as installers?

Other option is trusted directories where you can maybe give read access to your users to those directories so they can install software because directory is trusted, but because they have only read access they can't add anything else in that folder to be able to install it.

Second option would require them to submit the software to you and you may place it in those folders.

I hope this helps.


Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: AppControl and the software review board

Jump to solution

You can import your own certs. by signing a executable/installer


Then putting it in a share and run the server task Scan a software repository task for solidcore.

It will pull the exec and cert and allow you to put it in your rule group

 

 

McAfee Support

Benjamin Ellis

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

3 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: AppControl and the software review board

Jump to solution

Hello @mlajoie 

Are those application properly signed and can you use their certificates to add them as installers?

Other option is trusted directories where you can maybe give read access to your users to those directories so they can install software because directory is trusted, but because they have only read access they can't add anything else in that folder to be able to install it.

Second option would require them to submit the software to you and you may place it in those folders.

I hope this helps.


Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 4

Re: AppControl and the software review board

Jump to solution

I'm kind of trying to pick the brains of the collective -- trying to squeeze MACC into a culture that isn't really fond of change and new ways of doing things.  

We don't sign our in-house created packages, apparently.  So using a certificate is out.  We do, though, have our own PKI environment.  Can we import our own certificate(s)?  If so, how?

The trusted directory option is nice.  We'll explore that idea.

What about admins that are testing software - as a one-off or as a potential buy?  They have to test the software before it gets to the SRB.  If we don't allow their accounts as a trusted executable, is there another way that we could automate that process?  I don't want to get a call every time they want to install software for testing.  By the way, if it is decided that the software is not needed any longer or the SRB denies it, how do I block it and/or remove it from whtielisting?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: AppControl and the software review board

Jump to solution

You can import your own certs. by signing a executable/installer


Then putting it in a share and run the server task Scan a software repository task for solidcore.

It will pull the exec and cert and allow you to put it in your rule group

 

 

McAfee Support

Benjamin Ellis

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community