I am running CSA in my Pilot and its kind of stable now and working Fine.I need to know one thing I hv disabled "Untrusted Content Classification Module" from the Application classification Policy which is part of All Windows Group.I hv disable this module bcoz there will be more than 1000 applications runing in my org. and more new applications will be added which cant be tested in my Test Lab.
I want to know the level of security tht i hv compromised by disabling this module on my CSA.
None, it just monitors apps and classifies them based on the rules. Kind of like the Kernel protection rules. It can also be useful in Application Investigation.
You should test with real stations outside your lab if possible but you don't need this rule to do it.