Stupid question, but are "Trusted Application" settings safe in Defense+?

ratchet · December 18, 2007, 9:21am

I was checking “Compute Security Policy” and a lot of the applications I use, both security and maintenance, were set at “Custom” so I changed them to “Trusted…”. Thank You!

Ragwing · December 18, 2007, 12:25pm

Greetings!

To answer the questions; yes the Trusted Application-setting is safe. You should only add it for trusted software (like the policy name says). As long as you don’t add it for everything, you’ll be fine

Cheers,
Ragwing

MikeH · December 19, 2007, 12:05am

You might want to consider leaving your applications set to Custom.
Double click the firewall icon.
Click Defense+
Click Predefined Security Policies
Highlight Trusted Application
Click Edit…
Click Access Rights
You can now see what the access rights are for “Trusted Application”
Everything is allowed except Run an Executable which is ask
Essentially a “Trusted Application” has an enormous amount of freedom to do what it wants.

Double click the firewall icon.
Click Defense+
Click Advanced
Click Computer Security Policy
Highlight one of your applications which is treated as Custom policy
Click Edit…
Click Access Rights
You can now see what the access rights are for that application as defined by the Custom policy.
I believe that you will find that the access rights are much more restrictive as compared to “Trusted Application”.

My view is that an application shoul run with only the rights necessary to do its job and no more.
I believe that this is best accomplished via Custom policy.
Others may have differing views.

Regards,
Mike

Ron_75 · December 20, 2007, 12:04am

I agree MikeH,

but getting to grips with the policy rules and developing a good understanding of it all, is new to alot of us who ain’t knowledgable about networking stuff and are newbies to it lol.

[s]I would like to ask you something though. I installed firefox yesterday and i chose the Web Browser policy for it, it behaves differently to IE7 that i have, IE7 has a custom policy rule.

firefox blocks any flash webcams on webpages and logs it in the firewall log viewer log. IE7 doesn’t block them. what do i need to edit to allow such cams to run and view them?[/s]

umm …ignore what i have crossed out, I managed to figure that out and learn about the custom policies

thanks

MikeH · December 20, 2007, 6:30pm

I am in the newbie camp as well.
I did the same thing that ratchet did.
Then I started to investigate it more.
Wanted to share what I discovered.
I probably uninstalled and reinstalled vers 3 a dozen times trying different things.
This help board is a wealth of information.

Regards,
Mike