difficult to locate an application in policies

jcqn · May 29, 2009, 9:56pm

CIS is great. But it is difficult to locate an application in policies management, no matter in firewall or defense+, especially when you have dozens of applications. Why not just add a search function to help us locate an application quickly in policies management?

In addition, can the defense+'s priorities be more explicit? I define a custom policy for an application, but the result is not what I expect. Some policies affect my custom policy, and even I put the custom policy on the top, the policy still does not work.

Thanks.

fazio93 · May 29, 2009, 10:44pm

Welcome.

There is a hidden Ctrl + F function in the firewall/d+ policy interface. But it requires you to type in the exact path, but i believe a better search function is in store for some later versions.

Could you expand on this please?

Thanks.

Citizen_K · May 30, 2009, 1:32am

Tip for looking up Windows system files using Search: start typing %windir%\ and you will suggestions in the drop down box underneath the search field.

Agent24 · May 31, 2009, 1:27pm

I also don’t like the way you can’t easily search for things.

Sure you can type the full path but that is annoying.

Also, clicking on the column headers should sort the results in alphabetical order like in windows explorer. That would be a very nice feature.

Citizen_K · May 31, 2009, 5:40pm

I would like to see a more enhanced search function in which typing the name of the executable should be enough to find it.

giraffe · May 31, 2009, 9:43pm

It would also help if

a). the list took focus so that the wheel worked without having to click and

b). the list stayed where it was left before using e.g. Delete - sometimes it jumps back to the top which, with a long list, means trying to find where you were. As the files are ‘in no particular order’, this can be difficult.

I don’t suppose it’d be possible to sort on the filename column using the last element (filename.exe), would it?

system · June 3, 2009, 6:00am

yeah that’s right, the list always jumps back to the top once you’ve edited anything in it

AeoniAn · June 3, 2009, 9:55am

I always suffer from this.

Sorting by full path would be GREAT! :-TU :-TU :-TU

(finding could be much easier in this organized way)

tcarrbrion · June 3, 2009, 10:13am

The list cannot all be sorted as the order of the rules is very important if you have rules for groups of applications.

AeoniAn · June 3, 2009, 10:33am

I agree if you say: the order of the rules inside one policy in FW is important. I don’t see any problem if svchost (or WOS, SYSTEM) appears before or after Firefox for an example. At least I don’t have any problem with this in my system.

I disagree about D+ and AV policies order (including exclusions). Order does matter? How does CIS takes this?

edit:
About groups: just use its name for sorting! Or, put them on top or bottom. Not so complicated.

tcarrbrion · June 3, 2009, 12:16pm

For example, one thing I am thinking of doing is having a group at the bottom of my security policy to block certain things so they are automatically blocked for all new application that would be added below but not blocked for existing applications. This would not work if sorted.

It would be ok if individual rules were sorted between the group rules. This would be helpful.