 |
 |
|
|
||||
|
 |
|
|||||||
  |
|
 |
Application WizardA flawless execution of isolated application may require specific access rules. The rules describe important resources (files, registry, etc.) an application must have unrestricted access to. GeSWall has pre-configured rules for most popular internet applications: web browsers, e-mail clients, messengers, file sharing clients, office applications. etc. Those specific rules come with Application Database. GentleSecurity staff regularly adds new applications to the database which is received through the automatic update service. However, in some cases it is required to customize pre-configured rules or add support for new application. Application Wizard aims to automate and simplify the task. Application Wizard can be launched from Windows Explorer's context menu, as shown on the screenshot below. To start the Wizard, choose an application executable file, click on right mouse button and select 'Application Wizard' item. Please note, to use Wizard you must have administrative privileges or configure appropriate permissions for geswall.dat file placed into GeSWall's installation folder. On the Wizard welcome screen you can choose an operation mode: normal or expert. Normal mode exposes only most important settings and hides advanced details. In expert mode you have an option to customize all settings generated by Wizard. Expert mode is recommended only for advanced GeSWall's users. Normal mode is enabled by default. To continue Wizard in expert mode you set 'Expert mode' check box as shown on screenshot below. Press 'Next' button to continue with chosen Wizard mode. Normal ModeIn Normal Mode the Wizard has two pages. Configuration settings are filled automatically and an input is required only to adjust Wizard's defaults. On the first page Wizard display basic application information and allows to define Display Name and Group. Display Name would be used in GeSWall notifications. Group is required for easier application classification in GeSWall Console. Additionally, you can adjust processing time by corresponding slider control, Processing time is time used to automatic analysis of application behavior. Wizards starts given application isolated, checks what resources (files, registry, etc.) are accessed by that application and automatically constructs application specific rules. Clicking on Next button starts analysis procedure. A completion status displayed by appearing progress bar as displayed on screenshot below. You can disable automatic analysis by removing check from "Autofill rules for this application". In that case Wizard skips analysis phase and switches to the final page. At this point Wizard completed all required steps but not yet saved settings. Press on Finish button to save updated setting into Application Database. Expert ModeIn Expert Mode you can adjust all Wizard's settings but defaults would be the same as in Normal Mode. This mode is particularly useful for troubleshooting, when isolated application is not functioning as expected. On the first pages Wizard displays basic application parameters:
For more information on "Identification Type" and "Security Level" see "Applications" section. If non of existing group fits the application category, you can create a new one by pressing on 'New Group' button. If application already exists in Application Database the Wizard displays corresponding message and retrieve all current settings from the database, as shown on screenshot below. You have an option to delete such application by pressing on 'cross' button and start with clean settings. Additionally, you can enable automatic analysis by checking "Autofill rules for this Application". "Enable macros mode for rules" checkbox allows to automatically apply macro substitutes (see "Resource Name Syntax" for more details). Press Next button to continue. If automatic analysis is enabled then Wizard performs these steps:
The sate of this process is displayed in appearing progress bar. When Wizard launches application you should perform there some typical actions. For example in case of chat messenger (ICQ, Yahoo Messenger, Skype, etc.): logon to a server, type/send some messages, change profile settings and so forth. In case of troubleshooting, perform some particular actions that lead to a malfunction when application run isolated. GeSWall tracks access to all resources (files, registry, etc.) accessed by application during this procedure and determines what rules are required for that application. When automatic analysis is disabled or completed, Wizard switches to the rules page. The page lists all specific rules and provides interface to add new ones or delete existing (see "Applications" section for more details on specific rules). The list contains both existing rules (if any already configured for the application) and automatically generated. To add new rule: type resource name, select resource type, set access permission (typically allow) and press 'Add' button. Resource name must comply with Name Syntax described in "Resource Name Syntax" section. Additionally, you can check "Enable macros". In this case Wizard tries to apply most often macro substitutes for all resource names you enter. To delete rule, select a rule in the list and press 'Delete' button. Additionally, you can import a list of rules from a file by pressing on 'Import Rules' button. Imported rules will be added to the current ones. A file for import contains list of rules that were previously exported by mean of 'Export Rules' button. Import/Export functions are useful for rules templates which could be applied for many applications. When you complete with rules configuration press 'Next' button to switch on final page. Once you click on 'Finish' button, all configuration settings would be stored into Application Database. Pressing 'Cancel' button undo all Wizard's changes. |
|
||||||||||
|
|||||||||||||
|
|
||||||||||||
Copyright 2006 GentleSecurity |
Contact Us | Privacy Statement |
