Managed Applications

With security restrictions on Applications, you can prevent unauthorized applications and executables from being used in the user workspace. This prevents potentially harmful applications and executables from causing damage.

  • Only applications that are made available to the user through Workspace Control are authorized. All other applications are unauthorized, and are prevented from starting.

  • Users are prevented from running executables that they received through e-mail or Internet. This prevents potentially dangerous executables containing viruses, spyware and malware from contaminating the corporate network.

  • Users are prevented from using advanced commands in the command box.

You can configure Managed Application Security on a global level at Security > Applications > Managed Application, and on application level at Composition > Applications, on the application's Security > Authorized Files tab.

  • File types other than executables (for example PDF, DOC or VBS) are accessible by default. You can block these file types (and folders) by configuring security restrictions on Files and Folders. See Files and Folders security.

  • The Workspace Control Agent for Linux and Apple Mac OS X supports the Managed Applications Security feature, providing the capability to allow or block executables in user sessions based on Authorized Files with MD5, SHA-1, and SHA-256 file hashes.

Export log to CSV file

To export the information found under the Log tab as a CSV file, follow these steps:

  1. Open the Workspace Control Console and navigate to Security > Applications > Managed Applications > Log tab.

  2. Right-click on any entry and then select Export to file from the context-menu.

  3. Select a location where to save the CSV file, enter an appropriate name for the file and then select Save.

Export log using the command line

Security logs can also be exported using the pwrtech command line:

pwrtech.exe /exportlog /type=application /output=<output filepath> [/outputtype=csv] [/start=<start date>] [/end=<end date>]

/outputtype, /start and /end are optional parameters. If /outputtype is not specified, then the security logs are exported as XML files instead of CSV files.

Replace the following with the appropriate values:

  • <output filepath> — Enter the full filepath where to save the CSV or XML file.
    For example: C:\export\managed_apps.csv.

  • <start date> — Enter the start date to export log entries starting with the specified date.
    The format for date is YYYYMMDD. For example: 20161130.

  • <end date> — Enter the end date to export log entries up to the specified date.
    The format for date is YYYYMMDD. For example: 20180523.

For example:
pwrtech.exe /exportlog /type=application /output=C:\export\managed_apps.csv /outputtype=csv /start=20161130 /end=20180523

Introduced in Ivanti Workspace Control 2021.2 (version 10.7.20.0).