We have old Win2003 systems that need to be supported. After SolidCore 6.x deploying we have to create WhiteLists. According to the documentation there are two possibilities:
- by creating policies with realted Rule Groups
- by using GTI and dynamic trust model
There is no question with first option but as described in the documentation the manually set reputation trough "Actions | Set Reputation by Applicatio Control" is just for decorative purpose and this value is not used to determine real file execution permission.
On the other hand as I undertand if we enable "Use McAfee Global Threat Intelligence (McAfee GTI)" option we will have WL model in which both types of executable files will be enabled for execution:
- known and trusted by GTI
- defined ourself using "Application Control Rules" policy
Is that true? And can we have option that allows us to manage reputation based on WL trough SolidCore inventory process?