Blocking applications with AppLocker

+4 votes
235 views
Blocking applications with AppLocker

in Security by (552k points)
reopened | 235 views

1 Answer

+5 votes
Best answer

image


It is recommended to use the audit only mode to implement the directive and understand what its impact is before applying it in a definitive way throughout the organization.

AppLocker , you can create rules to allow or deny the execution of applications. This tool allows administrators to set certain rules to control executable files (.exe and .com), scripts (.js, .ps1, .vbs, .cmd and .bat), windows installer files (.msi and .msp ) and DLL files (.dll and .ocx).

When creating DLL rules, it must be taken into account that it is necessary to create a DLL permission rule for each DLL used by all the allowed applications. If DLL rules are used, AppLocker must check each DLL loaded by an application. Therefore, users can see a performance reduction in case of using DLL rules.

The rules are available in windows Server 2008 R2 and in windows 7 ultimate and enterprise. It is possible to use Windows 7 Professional to create the rules, but the rules can not be applied on Windows 7 Professional computers.

Start application identity service

To use AppLocker we must first start the Service "application identity". To start this service go to Start , Control Panel, Administrative Tools and choose Services .

Search for the service called " application identity " open its properties and mark start type " Automatic ", start the service and accept.

image


Creating rules

To create rules go to Start , Control Panel, Administrative Tools and choose Local Security Policy .

Note: If the User Account Control box is displayed, confirm whether the action that appears is the desired one.

image


In the console tree, double-click Application Control Policies , then double-click AppLocker .

Select " Create regas ". It is possible to generate rules for executable files, windows installer and scripts.

In the "Permissions" window, choose to deny or allow, then add the user or group where the rule will be applied. In the next window choose how the application will be identified.

image


After the definition of the application, the following message will be displayed:

image


Choosing "Yes" will allow us to block only the application you want.
by (3.5m points)
edited

Related questions

+3 votes
1 answer
How to remove blocking or blocking Pocophone F1 applications
asked Sep 19, 2019 in Android by backtothefuture (552k points) | 243 views
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users