Views:
A trust ruleset consists of one or more user-configured Trust rules. If you assign a trust ruleset to a policy or computer in Workload Security, the rules contained in that ruleset are applied to the related workloads and will auto-authorize any software changes that meet its rule property requirements.

Create a trust ruleset Parent topic

To create a new trust ruleset, do one of the following:

Create a trust ruleset from the Policies tab Parent topic

To create a new trust ruleset, do one of the following:

Procedure

  1. From the Workload Security Policies tab, go to Common Objects Rules Application Control Rules Trust Entities.
  2. In Trust Rulesets, select New.
  3. In New Ruleset, provide a name and description for the new ruleset.
  4. Select one or more of the trust rules in the list to assign them to your trust ruleset.
    application-control-trust-entities-newrulesetok=29b10d71-f6e2-4838-a422-c601d5750586.png
  5. Click OK.

Create a trust ruleset from the the Computer or Policies tab Parent topic

Procedure

  1. From the Workload Security Computers or Policies tab, double-click a computer or policy (or right-click and select Details).
  2. Go to Application Control and make sure the Configuration is set to On or Inherited (On).
  3. In the Trust Ruleset list, select New.
    application-control-trust-entities-newrulesetcomputerpolicy=284a2b30-c53e-41b1-a7df-8113787ce9e4.png
  4. In the New Ruleset window, provide a name and, optionally, a description for the new ruleset.
    application-control-trust-entities-newruleset=db3de0b8-124b-4e15-b462-70cc817747b3.png
  5. Select one or more of the trust rules in the list to assign them to your trust ruleset and click Save to create the trust ruleset, containing any rules you assigned.
  6. Click Save to assign the new trust ruleset to the computer or policy.
    Instead of creating a trust ruleset from scratch, you can click Duplicate on the Trust Entity Management window (Policies Common Objects Rules Application Control Rules Trust Entities) to create a copy of an existing ruleset and then configure it to meet your needs.

Assign or unassign a trust ruleset Parent topic

Assign a trust ruleset Parent topic

Procedure

  1. From the Workload Security Computers or Policies tab, double-click a computer or policy (or right-click and select Details).
  2. Go to Application Control and make sure Configuration is set to On or Inherited (On).
  3. Select a Trust Ruleset from the list.
    application-control-trust-entities-assignruleset=9e81f364-546a-482b-bc36-164f854bc17a.png
  4. Click Save.

Unassign a trust ruleset Parent topic

Procedure

  1. Go to Common Objects Rules Application Control Rules Trust Entities and select the trust ruleset.
  2. In the Trust Ruleset Properties window displayed on the right, select the number next to Assignments.
    application-control-trust-entities-rulesetassignments=854d54d1-8de5-4e00-94bf-092380ee58b0.png
  3. In the Assigned To window, select a computer or policy.
    application-control-trust-entities-trustrulesetassignedto=1746e9ec-d262-4914-85ab-9b475e43c416.png
  4. From the Application Control tab of the Computer or Policy window, unassign the ruleset by selecting None from the Trust Ruleset list.
  5. Click Save.
    application-control-trust-entities-unassignruleset=281f2fb6-6a96-43df-9b21-a4e5e31add96.png
The trust ruleset is no longer assigned to the computer or policy.

Delete a trust ruleset Parent topic

Procedure

  1. Go to Common Objects Rules Application Control Rules Trust Entities.
  2. In the Trust Rulesets section, select the ruleset you want to delete and select Delete.
  3. Click OK on the Delete Ruleset confirmation dialog.
    application-control-trust-entities-deleteruleset=67d21577-1c73-4f68-bb18-b4afe4680d3b.png
    The trust ruleset is deleted.
    Note that a trust ruleset cannot be deleted if it is currently inherited by or assigned to a computer or policy. You must unassign a trust ruleset before it can be deleted.