Add an application checksum

Note: If you use role-based administration:
  • You must have the Policy setting - firewall right to configure a firewall policy.
  • You cannot edit a policy if it is applied outside your active sub-estate.

For more information, see Managing roles and sub-estates.

Each version of an application has a unique checksum. The firewall can use this checksum to decide whether an application is allowed or not.

By default, the firewall checks the checksum of each application that runs. If the checksum is unknown or has changed, the firewall blocks it.

To add a checksum to the list of allowed checksums:

  1. Double-click the firewall policy you want to change.
  2. On the Welcome page of the Firewall Policy wizard, click Advanced firewall policy.
  3. Click the Checksums tab.
  4. Click Add.
    The Firewall Policy - Add application checksum dialog box appears.
  5. In the Search period field, click the drop-down arrow and select the period for which you want to display application events.
    You can either select a fixed period, for example, Within 24 hours, or select Custom and specify your own time period by selecting the starting and ending dates and times.
  6. In the Event type field, click the drop-down arrow and select whether you want to add a checksum for a modified application or a new application.
  7. If you want to view application events for a certain file, in the File name field, enter the file name.
    If you leave this field empty, application events for all files will be displayed.
    You can use wildcards in this field. Use ? for any single character and * for any string of characters.
  8. Click Search to display a list of application events.
  9. Select the application event for which you want to add a checksum, and then click OK.
The application checksum is added to the list of allowed checksums in the Firewall Policy dialog box.
If you enable interactive mode, the firewall can display a learning dialog on the endpoint computer when it detects a new or modified application. For details, see Enable interactive mode.