Using Securden to Block Specific Software and Browser Extensions
How can we use Securden to block specific software and browser extensions, such as AnyDesk or Tor Browser?
The software can be blocked by navigating to Privilege elevation and delegation - > Create Control Policies. However, we do not have an option to block browser extensions.
As a substitute, we recommend you use group policies to block the downloads of the browser plugins and push only the approved plugins.
Steps to Block the Software
To add application control policies, navigate to Admin - > Privilege Elevation and Delegation - > Control Policies section in the GUI.
In the GUI that opens, click Add Policy and select domain control policy for domain joined machines and non-domain policy for workgroup/external computers.
Step 1: Enter the following details in the interface.
Control Policy Name: The name that you enter here helps you uniquely identify the control policy being created. This name will appear on the control policies list.
Description: An overview of the control policy describing what it does and why this policy has been created
Step 2: Choose the level of elevation for the application(s).
Blocklist: This option is to block usage of the application.
Step 3: Select the applications that are to be part of the policy.
You can use the Search application field to select the required applications from the list or enter the application name and select it.
Step 4: Associating the policy with domain/non-domain computers.
The next step is to specify the list of computers on which this policy should take effect. You can choose to have all domain/non-domain computers follow this policy or choose a specific set of computers to adhere to the policy.
Step 5: Associate policy with specific users/accounts.
The final step is to associate the policy with the required domain users/user groups or domain accounts/folders (in the case of domain policy) and accounts/folders (in the case of non-domain policy). That means the policy will take effect on the users/groups/accounts/folders selected here on the computers chosen in the previous step.
Step 6: Once done with all the steps, proceed to click ‘Save’.
Important Note: For security reasons, the application control policy created by one administrator will have to be approved by any one of the other available administrators. Securden Unified PAM sends notifications to the approvers, who can review applications and approve/reject the request from the “Control Policies” page. Until the policy gets approval, it will not take effect.
