When ThreatLocker blocks an application, the end-user can request access to it.
Once the user clicks the 'Request Access' button, the request window will populate.
Here the user has the option to enter a message to accompany the request and their email address so they can be notified when the request is processed. By default, a copy of the file they are requesting will be attached unless they deselect the checkbox next to 'Attach a copy of the file with the request'.
Once the user selects 'Request Permission,' the request will appear in the Response Center > Approvals page, and a ThreatLocker Administrator will have the option of approving or rejecting it.
If you wish to receive a notification for this request, it can be configured on the User settings or on a deny policy.
Setting Notifications Options on the User Settings
- Select the Users tab on the left-hand side of the ThreatLocker Portal.
- Select the administrator that you would like to receive notifications to open the Edit User sidebar.
- Toggle on 'Notify on Request' next to the type of requests this user should receive (Application, Storage, Elevation). Then select the check box next to Email and/or SMS under each option that is toggled on to choose how this admin will receive notifications.
- Please Note: SMS requires a cell phone number to be set in the top section of the Edit User sidebar. Email will use the email address already configured on the user settings.
When this is selected, any specified request types for your organization or child organization will be automatically sent to the administrator account you are editing.
Setting Notification Options on a Deny Policy
This method allows more granular control as opposed to sending all requests to one administrator.
- In the ThreatLocker Portal, navigate to Application Control > Policies.
- Select the desired group (for this example, we will be configuring the default Policy in the 'Workstations' group).
- Select the Deny policy you wish to configure notifications on to open the Edit Policy sidebar.
- Scroll down to the End User Experience section.
- Once the Show Notification and Allow User to Request option is toggled on, the Email/SMS Administrator on Request toggle will be revealed.
- Toggle it on and select the desired email addresses from the dropdown list.
- Phone numbers can be added by typing SMS: and following with the number.
- Please note: When typing SMS:xxxxxxxxxx, the phone number will appear in the dropdown, and you must select it from the dropdown to add it.
Using this method allows for definition right down to the client and/or the specific Policy level.
- Select 'Save' when you are finished.
- Select the red rocket in the top right side of the portal to deploy the changes. Any changes made will take effect in approximately 60 seconds.
When an end user selects 'Request Permission' the specified administrators will receive an email. This email will include details such as the name of the company, the hash, the certificate, and a direct link to approve the request.
For information about Push Notifications on the Mobile App, please see the ThreatLocker Mobile App KnowledgeBase Article.