Security Controls

Device Rules

In this section:

About Device Rules

Device rules allow security control rules to be matched with specific devices. Device rules can apply the rule settings either to the device hosting the Application Control Agent and configuration, or to connecting devices.

For example, a configuration rule can allow certain applications to run on a server but prohibit others from running when launched from a device listed in the rule.

Device rules also provide the ability to perform per-device license management in a server-based computing environment.

  • To add a device rule set, select Rule Sets > Device. Right-click and select Add Device Rule Set.

  • To remove a device rule set, right-click a device rule set and select Remove Rule Set. A confirmation message displays, click Yes to confirm the removal.

Device Rule Validation

Type Rule
Host Name or IP Address Use this device client rule to apply Allowed Items, Denied Items, Trusted Vendors, and Privilege Management rules to a third party device when a user attempts to access their endpoint from a specific Host Name or IP Address. If the Host Name or IP Address is matched to the third party device, Application Control rules specific to the device are applied.
Computer Group Membership Use this device client rule to apply Allowed, Denied, Trusted Vendors, and Privilege Management rules to a third party device that is a member of a specific security group. Application Control checks to see if the computer is a member of the specified security group before applying the rules.

If entering the Computer Group Membership details manually, you must use the fully qualified name.
For example, CN=ComputerGroup, OU=Department, OU=Corporation, DC=CoreDomain.

OU Membership Use this device client rule to apply Allowed, Denied, Trusted Vendors and Privilege Management rules to a third party device that is a member of a specified Organizational Unit (OU).

Related Topics

Rule Sets

Rule Collections


Was this article useful?