The following topics contain information about designing, planning, deploying, and maintaining AppLocker policies: Resources to support the deployment process The following diagram shows the main points in the design, planning, and deployment process for AppLocker. With an accurate inventory, you can create rules and set enforcement criteria that will allow the organization to use the required applications and allow the IT department to manage a controlled set of applications. The key to the process is taking an accurate inventory of your organization's applications, which requires investigation of all the targeted business groups. To successfully deploy AppLocker policies, you need to identify your application control objectives and construct the policies for those objectives. ![]() This planning and deployment topic for the IT professional describes the process for using AppLocker when deploying application control policies. Learn more about the Windows Defender Application Control feature availability. An example of this type of software is the Advanced Group Policy Management feature from the Microsoft Desktop Optimization Pack.Some capabilities of Windows Defender Application Control are only available on specific Windows versions. To ensure version control when modifying an AppLocker policy, use Group Policy management software that allows you to create versions of GPOs. However, you can't specify a version for the AppLocker policy by importing more rules. You can edit an AppLocker policy by adding, changing, or removing rules. For the procedure to alter the enforcement setting, see Configure an AppLocker policy for audit only. For information about the enforcement setting, see Understand AppLocker Enforcement Settings. By default, if enforcement isn't configured and rules are present in a rule collection, those rules are enforced. AppLocker divides the rules into collections: executable files, Windows Installer files, packaged apps, scripts, and DLL files. Rule enforcement is applied only to a collection of rules, not to individual rules. For the procedures to do this task, see Export an AppLocker policy to an XML file and Import an AppLocker policy from another computer. For local AppLocker policies, you can update the rule or rules by using the Local Security policy snap-in (secpol.msc) on your AppLocker reference or test PC. For the procedure to do these tasks, see Export an AppLocker policy from a GPO and Import an AppLocker policy into a GPO. ![]() Using Group Policy, you can export the policy from the Group Policy Object (GPO) and then update the rule or rules by using AppLocker on your AppLocker reference or test PC. Updating an AppLocker policy that is currently enforced in your production environment can have unintended results. These procedures assume that you have already deployed AppLocker policies with the enforcement set to Audit only, and you have been collecting data through the AppLocker event logs and other channels to determine what effect these policies have on your environment and the policy's adherence to your application control design.įor info about the AppLocker policy enforcement setting, see Understand AppLocker enforcement settings.įor info about how to plan an AppLocker policy deployment, see AppLocker Design Guide. This topic for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method. Some capabilities of Windows Defender Application Control are only available on specific Windows versions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |