• Overview
• Block-IT (AAC)
• File Groups
• File Group Assignment & Execution Schedule
• Disabling Hash and Full Path Checking
• Block-IT (HAC)
• Host Access Rules
• Host Name Resolution
• Optimizing Host Access Rules
• Download Now

File Groups

With Block-IT (AAC), program executables are organized into “file groups”, enabling administrators to grant or deny access to entire software suites, not just individual executables (figure 2). The file groups can be associated with all the Terminal Servers or a specific silo in the farm. Additional settings such as application termination, hash checking, and full path checking can also be configured at the file group level (more on this later). Finally, for each individual executable in the file group, a unique hash is computed and stored in the management database (figure 3). For informational purposes, a hash can be likened to a fingerprint; it is used to verify the authenticity of a program executable at start time.

Figure 2 - Program executables are organized into "file groups", enabling administrators to grant or deny access to entire software suites, not just individual executables

Figure 3 - For each individual executable in the file group, a unique hash is computed and stored in the database.

Next: Block-IT - File Group Assignment & Execution Schedule