Skip to main content

Block RMM Tools with App Block using the Remote Control Category in OneView

Updated: 

The Remote Control Category in Application Block for OneView allows administrators to restrict access to Remote Monitoring and Management (RMM) at the application layer. This recommended rule increases endpoint security posture, preventing unauthorized remote access to protected endpoints. 

Before enabling a Remote Control Category block, you must identify which RMM tools are legitimately used at each site and exclude them from the block rule. This prevents accidental denial of service to approved remote support workflows while blocking unauthorized RMM access vectors. Follow the steps below to block unapproved RMM tools.

Step 1: Identify approved RMM tools

  1. Create a list of RMM tools approved for use in your organization.
  2. Document the approved tool names and versions. Examples: ConnectWise LabTech, Splashtop, TeamViewer, AnyDesk, or internal custom solutions.

Step 2: Access the App Block Rule configuration

  1. Log in to OneView as a Global Admin or Site Admin.
  2. Navigate to Monitor > Application Block.
  3. Select the Rules Tab.
  4. Click New Rule or open an existing rule you intend to modify.

Step 3: Enable the Remote Control Category block

  1. Click the Rule type field, select the Category option.
  2. Locate the Remote Control category.
  3. Check the box next to Remote Control to enable the category block.

TIP - This rule only blocks installed RMM tools from running. To block standalone RMM executables, use an Advanced rule and block by Certificate property. For more information, see Configure Application Block rule in OneView.

Step 4: Review the full list of blocked tools

  1. Expand or scroll through the complete list of Remote Control tools shown beneath the category checkbox.
  2. Compare each tool name against your approved RMM tools list from Step 1.

Step 5: Remove Approved RMM tools from the block rule

  1. For each approved RMM tool in your list, locate it in the Remote Control tools list.
  2. Uncheck the box next to the approved tool name.
  3. Repeat for all approved RMM tools until only unauthorized tools remain checked.

Step 6: Verify the block configuration

  1. Review the checked items one more time to confirm that:
    • All approved RMM tools are unchecked
    • All tools you intend to block remain checked
  2. Scan the list for any tools you are unsure about. If there is uncertainty, consult the Step 1 stakeholders before proceeding.

Step 7: Set Policy and Site scope

  1. Configure the policy or site scope by selecting the target device policies or sites.
  2. Assign a clear policy name, such as "Block Unauthorized RMM Tools" to reflect its purpose.
  3. Click Save to commit the rule to your chosen policies.

Step 8: Deploy and monitor

  1. Assign the policy to the target endpoints or device groups.
  2. Monitor enforcement on the Activity tab in Monitor > Application Block. 

Expected result: The policy is deployed, and endpoints begin enforcing the Remote Control block against unauthorized tools. Approved RMM tools continue to function normally.

Still have questions?

Support is available via chat, phone or by creating a ticket. You can also use our virtual assistant for guided assistance.

Learn more