Allow or block an executable file

If a reputation source is available in your environment, executable files are automatically allowed or blocked from running based on their reputation.

Before you begin

You must have the required permissions to perform this task. If you don't, contact the McAfee ePO administrator.

Based on your requirements, you can manually authorize or restrict an executable file, based on its name, SHA-1, or SHA-256.

Allowing an executable file based on the SHA-1 or SHA-256 ensures that the file is allowed to run, regardless of the source of the file.

Task

  1. On the Rule Groups tab, locate your Group Name and under Actions, click Edit.
  2. On the Executable Files tab, click Add.
  3. Specify an identifier for the rule in the Rule Name field.
  4. Indicate whether to allow or block the file.
  5. Indicate whether to allow or block the file based on the file's name, SHA-1, or SHA-256.
  6. Enter the name, SHA-1 value, or SHA-256 value.
  7. Click OK.