Using Trusted Change

In this section:

• Trusted Change Policies
• Working with Trusted Updater
• Working with Trusted Publisher
• Working with Trusted Path
• Working with Local Authorization

Ivanti Application Control uses the concept of trusted change to manage applications that are not on endpoint whitelists. This allows administrators to maintain a locked-down system as proposed changes are automatically vetted and approved or denied based on policy.

Even after application control is enforced, there is a need to add and update applications. Administrators can maintain endpoint integrity without a heavy administrative burden using the following Trusted Change policies:

• Trusted Updater allows applications to modify files and add them to the whitelist.
• Trusted Publisher allows digitally signed applications from a trusted source to run.
• Trusted Path allows applications in a specified system path to run.
• Local Authorization allows specified users to authorize new applications.