Getting to know your new Access Policy Options

Getting to know your new Access Policy Options. #SRW-KB8

Written by Giuseppe

Last published at: August 30th, 2023

This article will explain the new Access Policy configuration added in the 6.2.x release.


In order to configure the policies, tick the Enable Access Policies checkmark:


Enable Rule Logging will log the app blocking events.

The Passive Mode will stop enforcing the blocking of the apps, but will still log what apps are being blocked and what are being allowed.


Operators

Like AEP/AEPO/ SEP, also Access Policy have the condition and triggers relationship. You can have multiple rules concatenated with an and/or relationship, pick a condition that evaluates using an operator, and a value.

There are different operators.

 

   



I.E 


This rule will scan the workstation and if it is found that the workstation has less than 2 monitors and less than 4gb of RAM, SRW or TK will be closed.


Public IP Address Changed

  •     this option will scan your PC for the Public IP Address and if that changed access policy will prevent if configured, SRW /TK execution 


Client Version

  •     this option will scan your PC for SRW/TK version and if the version is different from what you have specified,  the client will/ will not run.



Windows Build Number

  • this option will scan your PC for Windows version and if the version is different from what you have specified,  the client will/ will not run.


Is 64-Bit Operating System

  • this option will scan your PC for Windows System Type and if the client type is/is not 64-bit, the client will/ will not run.


CPU Count

  • this option will scan your PC for the amount of CPUs, and if the client has/has not the amount you specified, the client will/will not run.


Total Physical Memory

  • this option will scan your PC for the amount of RAM, and if the client has/has not the amount you specified, the client will/will not run.


Monitor Count

  • this option will scan your PC for the number of monitors, and if the client has/has not the amount you specified, the client will/will not run.


CPU Type

  • this option will scan your PC for the CPU Type, and if the client has/has not the type you specified, the client will/will not run.


The device has NTFS Volume

  • this option will scan your PC for NTFS volumes, and if the client has/has not this type of volume, the client will/will not run.


Boot Volume Free Space

  • this option will scan your PC for boot volumes space, and if the client has/has not the amount you specified, the client will/will not run.


Boot Volume Disk is SSD

  • this option will scan your PC for boot volumes type, and if the client has/has not an SSD disk, the client will/will not run.


Windows Update Complaints

  • this option will scan your PC to ensure you are compliant with windows updates, and if the client is/is not compliant, the client will/will not run.


Virtual Machine Detection

  • this option will scan your PC to ensure that TK/SRW is not installed inside a virtual machine, and it is is the client will/will not run.


Virtual Machine is Hyper-V

  • this option will scan your PC to ensure that TK/SRW is not installed inside a Hyper-V mode, and it is is the client will/will not run.


Has Active Wi-Fi Adapter

  • this option will scan your PC to check if an active Wi-Fi adapter is enabled and if it is the client will/will not run.


Has Connected Wi-Fi Adapter

  • this option will scan your PC to check if a connected Wi-Fi adapter is enabled and if it is the client will/will not run.


Download Bandwith 

  • this option will check your download bandwidth speed, and if the value is not like the one you specified the client will/will not run.


Upload Bandwith 

  • this option will check your upload bandwidth speed, and if the value is not like the one you specified the client will/will not run.


Security Centre Anti-Virus Healthy

  • this option will check the state of your anti-virus, and if the result will come back as an unhealthy state the client will/will not run.


Security Centre Anti-Spyware Healthy

  • this option will check the anti-spyware state of your PC, and if the result will come back as an unhealthy state the client will/will not run.


Security Centre Firewall Healthy

  • this option will check the state of your windows firewall, and if the result will come back as an unhealthy state the client will/will not run.



Security Centre Windows Updates Healthy

  • this option will check the state of your windows update, and if the result will come back as an unhealthy state the client will/will not run.



Example: Access Policy Scan Completed


PASS = The rule passed the conditional created.

WARNING - The conditional failed but the action is set to "Continue" and the application will launch.

FAILED - The conditional failed and the action is set to "CLOSE" and the application will close.