Set Reputation by Application Control doesn't affect endpoints
We have old Win2003 systems that need to be supported. After SolidCore 6.x deploying we have to create WhiteLists. According to the documentation there are two possibilities:
- by creating policies with realted Rule Groups
- by using GTI and dynamic trust model
There is no question with first option but as described in the documentation the manually set reputation trough "Actions | Set Reputation by Applicatio Control" is just for decorative purpose and this value is not used to determine real file execution permission.
On the other hand as I undertand if we enable "Use McAfee Global Threat Intelligence (McAfee GTI)" option we will have WL model in which both types of executable files will be enabled for execution:
- known and trusted by GTI
- defined ourself using "Application Control Rules" policy
Is that true? And can we have option that allows us to manage reputation based on WL trough SolidCore inventory process?