Windows desktop applications
Before you begin
The following applies to Windows applications prior to Windows 8, as well as Windows 8 desktop applications. For instructions on how to monitor Windows Store applications, see the section below, Windows Store applications.
There are 2 ways to import applications onto the Forcepoint DLP server for Windows desktop applications:
- Selecting Main > Resources > Applications > New Application/Online Application. See Endpoint Applications.
When you add applications using this screen, they are identified by their executable name. Occasionally, users try to get around being monitored by changing the executable name. For example, if you are monitoring “winword.exe” on users’ endpoint devices, they may change the executable name to “win- word.exe” to avoid being monitored.
- Using an external utility program, DSSRegApps.exe. This method records the application’s metadata, so that Forcepoint DLP can analyze the metadata.
In other words, if the name of the application is modified by an end user, Forcepoint DLP Endpoint can still identify the application and apply policies.
Note: This tool can be copied to any other machine and be executed on it as long as it has connectivity to the Forcepoint Security Manager.
- Go to [%DSS_Home%] directory (Default: C:\Program Files\Websense\Data Security Suite) and double-click DSSRegApps.exe. The Get File Properties screen displays.
- Complete the following fields:
Field Description IP Address/ Hostname Insert the IP Address or Hostname of the Forcepoint DLP server. User Name Provide the user name used to access the Forcepoint DLP server. This is the user name assigned to administrators that have relevant permissions. Password Enter the password used to access the Forcepoint DLP server. This is the password assigned to administrators with relevant permissions. File Name Insert the File Name of the application (e.g., Excel.exe) OR click the Browse... button and in the Open dialog box, navigate to the File Name of the application and double-click it. Display Name Enter the name of the application as you want it displayed in the Forcepoint Security Manager. - Click OK.
A message displays indicating that the application was successfully registered with the Forcepoint DLP server. The Get File Properties screen is then re-displayed with the Forcepoint DLP server fields completed, but the File Name and Display Name empty. This allows you to select additional applications to register with the Forcepoint DLP server. Continue this process until all applications are registered. When you are finished adding applications, click the Cancel button in the Get File Properties screen.