Add an additional program for remote access to the App Patrol list
Freshman Member
Hello.
I've encountered misuse of the meshagent.exe (MeshCentral) program on my network.
Employees install the program without notification.
The problem is that this program can be renamed and access different addresses on its server side.
How can I block this program from running on the Zywall ATP 700?
This program isn't listed in APP Patrol. I've chosen to block all programs in the Thin Client category, but this doesn't work on meshagent.
I tried blocking the meshagent.exe client program through IPS, but that didn't work either. The program uses 443 in its work, and despite SSL inspection being enabled, blocking through IPS doesn't work.
Can Zyxel add this program to the APP Patrol list?
All Replies
-
Hi @General99
To block the traffic, the current method is to set a security policy for the specific source IP, which is the MeshCentral server ip.
In addition, you can add the MD5 of the meshagent exe or zip file to the anti-Malware block list, which should restrict your employees to download these files.
Can Zyxel add this program to the APP Patrol list?
Let me create the idea post for you and share your requirement to the product team.
Zyxel Melen0
Zyxel Employee
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 202 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.3K Security
- 517 USG FLEX H Series
- 329 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 49 Wireless Ideas
- 6.9K Consumer Product
- 289 Service & License
- 461 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.4K FAQ
- 34 Documents
- 86 About Community
- 97 Security Highlight
