Trusted directories must be on a computer with the Carbon Black App Control Agent installed. You specify the deployment server name, the directory to trust on that server, and whether that trusted directory applies to all or specific policies.

Procedure

  1. If you haven’t already done so, install the Carbon Black App Control Agent on the deployment server. Wait for the server’s files to complete initialization. You can monitor initialization status of the deployment server on the Computers or Computer Details page (see View Complete Details for One Computer).
  2. On the console menu, click Rules > Software Rules and click the Directories tab.
  3. Click the Add Trusted Directory button.
  4. Enter information about the deployment server, the policies the trusted directory applies to, and the status of the trusted directory.

    For parameter information, see Trusted Directory Parameters.

  5. Click the Save button. The approval computer and specified configuration information display in the Trusted Directories table.
  6. Enable the trusted directory if you did not do so during the directory addition.

    When you enable a trusted directory:

    • All files (including files in sub-folders) actually present when the trusted directory was enabled are globally approved, as are any files you add after you enable the trusted directory.
    • Files identified as installers in Windows trusted directories are globally approved, and files they write are locally approved when and where they are written. Similarly, archive files are globally approved and the files they will write when expanded are globally approved.
    • The computer on which the directory resides is configured for permanent prioritization of updates so that any rule changes are applied to it as soon as possible. This status can be changed on the Computer Details page.
      Note: If you make an existing Windows deployment folder a trusted directory, the Carbon Black App Control scanning process that analyzes and approves the directory’s contents can take several hours to complete if the folder contains a large amount of software.
  7. Deploy software according to your established procedures. To use the trusted directory to approve macOS or Linux applications, see Mac and Linux Trusted Directories.

Results