Skip to main content
ymasaki
Staff
ymasaki
Staff
August 8, 2024

Troubleshooting Tip: Application Not Blocked Despite Application Control Manager Setting

  • August 8, 2024
  • 0 replies
  • 770 views
Description This article describes how to troubleshoot an application that is not blocked although Application Control Manager is configured.
Scope FortiEDR.
Solution

Application Control Manager allows the FortiEDR Collector to block predefined applications from launching. However, it does not work as expected when some settings are missing to enable the feature properly.

 

This article explains the troubleshooting steps to check the setting is properly configured and offers a solution to fully run the Application Control Manager feature.

 

  1. Set up Application Control Manager configuration.

In this scenario, the setting is applied to 'firefox.exe'.

 

fedr_appmgr1.png

 

  1. Run Firefox on the machine but it is still allowed to launch.

     

  2. To fully enable the feature, make sure the Application Control policy is enabled in Prevention mode (the policy is disabled in Simulation mode by default).

     

    fedr_appmgr2.png

     

     

  3. Run Firefox again and it is blocked this time.

     

    fedr_appmgr4.png

     

     

  4. Confirm the blocked event is available in EVENT VIEWER (Application Control view).

     

    fedr_appmgr3.png
      Terms & ConditionsAccessibility statement