Create and view a whitelist policy

The application whitelist feature prevents unauthorized programs from running on your servers and provides a trusted running environment for your servers.

Context

The application whitelist feature allows you to apply application whitelist policies to your servers that require special protection. Cloud identifies trusted, suspicious, and malicious programs based on the policies. Then, you can add the identified programs to an application whitelist based on your business requirements. This prevents unauthorized programs from running. This feature protects your servers from untrusted and malicious programs and improves resource usage.

Operation Steps

1. In the product management page, choose "Threat Detection Service".

2. In the left-side navigation pane, click "Application Whitelists".

3. On the "Application Whitelist" page, click the Server tab then click Create Policy

OR On the "Application Whitelist" page, click the Policies tab then click Create Policy.

4. In the Create Policy step of the Create Whitelist Policy panel, configure the following parameters:

• Policy Name: the name of the application whitelist policy.
• Intelligent Learning Duration: the duration for Cloud to perform intelligent learning. Valid values: 1 Day, 3 Days, 7 Days, and 15 Days. The intelligent learning feature uses machine learning to automatically collect and categorize large amounts of alert data. Cloud can identify suspicious or malicious programs based on the collected data.
• Servers for Intelligent Learning: the servers to which you want to apply the application whitelist policy.

5. Click Next. The application whitelist policy is created.

6. View the policy details in the policy list on the Policies tab.

The following table describes the parameters in the list of application whitelist policies.