Release Notes V1.0.0
A summary of new or changed features and enhancements included in Application Control V1.0.0
BigFix® Application Control V1.0.0
BigFix® Application Control is a lightweight, native enforcement system designed for comprehensive management of application execution across enterprise endpoints. The solution addresses the critical need for native, policy-driven application control within BigFix environments, enabling IT administrators to enforce application usage policies with real-time monitoring and exception management capabilities.
What's New in Application Control V1.0.0
- Centralized Policy and Rule Management
- Configure and deploy the solution from the BigFix console. Create powerful Allow Rules (for default-deny policies) or Block Rules (for default-allow policies) to control application execution. Rules can also include time constraints to grant temporary access.
- Bulk Ruleset Management
- Easily upload a CSV file containing a set of rules to apply a baseline policy across all subscribed computers.
- Endpoint Visibility
- See the effective control policy (the complete set of rules) for any endpoint directly from the BigFix Console. Approved exceptions can be viewed using BigFix® Web Reports.
- Real-time Block Notifications
- When a process is blocked, a notification utility instantly appears, informing the user that the application is not permitted to run.
- Application Control Policy
- The collection of individual rules and CSV rulesets that are applied to an endpoint to restrict or allow application execution.
- Seamless Exception Request Work-flow
- The notification utility allows users to request a temporary exception. They can provide a business justification and a desired expiration date, which is then sent directly to ServiceNow to create an exception request ticket.
For Security and Performance
- Endpoint Policy Encryption Ensures Secure Monitoring and Immutable Rules
-
The effective policy on the endpoint is encrypted, ensuring that a user, even one with administrative privileges cannot modify the rules.
- Lightweight Endpoint Service
- A compiled C# watcher service enforces policies in real-time with minimal CPU and memory overhead, ensuring no impact on user productivity.
- Log Retention
- Endpoint logs are stored for 10 days to provide an audit trail of local activity.
| Features | Description |
|---|---|
| Compliance Enforcement | Block unauthorized applications to meet corporate and regulatory requirements. |
| Policy Deployment | Administrators can add rules to block or allow apps using file paths or registry rules. |
| Process Monitoring | The Process Monitoring service on endpoints polls for policies and enforces them in real-time. When a blocked app is accessed, it is terminated, a notification is shown, and a log entry is created. |
| Exception Request Handling | Allow temporary, audited access to blocked applications with proper approval through your ITSM system. |
ServiceNow Integration Workflow
- Setup: A BigFix operator installs the Application Control UpdateSet XML in ServiceNow.
- Request: The endpoint utility calls a ServiceNow REST API to create an exception request when a user submits one. Distributed Denial-of-Service (DDoS) protection is active, rate-limiting requests to 60 per hour.
- Approval: The exception manager approves or denies the request within ServiceNow.
- Fulfillment: Upon approval, ServiceNow calls the BigFix Action API to create and deploy a temporary allow rule to the specific endpoint. The ServiceNow ticket is then updated with a "fulfilled" status.
Additional information about this release
| Site Name | Site Version |
|---|---|
| Application Control | 1.0.0 |