Custom Rules

Custom rules apply settings to devices hosting the Application Control Agent and configuration. You can add items to the Allowed Items, Denied Items, Trusted Vendors, User Privileges, and Browser Control nodes in each group rule node. For more information, see Rule Items.

Custom rules allow security control rules to be applied when certain conditions are met. You can specify conditions for the following:

  • Computer
  • Directory membership
  • Environment
  • Files and folders
  • Registry
  • Session and client
  • The user

For example, you can create a custom rule that allows only users who belong to the Finance OU and who are not working on laptops to self-elevate to install a specific accounting application.

You can also create custom scripted conditions using Visual Basic or Java Script.

For more information on conditions for custom rules, see Condition Management.

Performance and custom rules

Custom rules enable great flexibility when applying conditions to rules. It may important to understand how they are processed in order to best manage your system performance.

The custom rules engine is very powerful but it can demand considerable resource. To manage performance, by default, the engine only handles process start actions such as launching an executable. DLLs and other file types requiring execute rights are not handled by the custom rules engine and therefore any rule items targeting them will not apply.

Using the EnableCustomRulesDllChecking custom setting, it is possible to modify the behavior to ensure all requests are processed by the custom rules engine. However, on a busy server, this could result in a performance impact so it is worth considering if Process Rules could deliver the required end result.

Refer to this Community article for further information.

Add or remove a custom rule

If you select the Custom Rules node, the All Custom Rules summary displays the Rule Name and the Security Level.

  • To add a custom rule, click the Add Rule drop-down arrow on the Rules ribbon and select Custom Rule.

  • To remove a custom rule, select a rule and click Remove Rule on the Rules ribbon. A confirmation message displays. Click Yes to confirm the removal.