Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

How to block a particular application from being installed on CSA

Hello everybody,

wanted to ask, how would you block (or configure a particular policy to block) a particular application from being installed on a client machine... for example we do not want the user to be able to chat using MSN messenger or any other IM application, is there a way to block this application, also, the user is not alway connected to the network, in this case will he be able to install or turn on this application if he is not communicating with the CSA manager?

Thanks and regards,


Re: How to block a particular application from being installed o

The only really usable way is to use a deployment tool, to install applications with, and then only let that install applications using csa rules. You could also create a list of filenames that the use can't execute, so they can install, but not execute messenger or whatever. If i can suggest something else, how about doing a lockdown of unknown applications communicating outside your network, you could say that no file saving is possible or copy/paste from that application, registry access and so on...just a suggestion.

CreatePlease to create content