Application Control Rules

Views:

Important

To minimize potential impact on critical system operations, Application Control does not monitor and block applications (for example, cmd.exe or powershell.exe) located in the system32 folder on Windows platforms.

If a system issue occurs due to a blocked application process, check your Application Control settings.

Use the Application Control Rules screen to configure rules that you can then assign to Security Agent policy settings. You can create Allow or Block Rules to limit the applications that can execute or install on your endpoints.

Application Control Rule Tasks

Task	Description
Add rules	Click Add Rule and select from the following: Allow: Create Allow Rules to specifically allow certain applications to execute. Use Allow Rules to ensure that Application Control never blocks a certain application, or create a complete list of applications allowed to execute on endpoints and then deploy a Lockdown policy to the endpoints. While in Lockdown Mode, users cannot execute, access, or install any application that you did not include in the Allow Rules. Block: Create Block Rules to specifically block certain applications from executing. Use Block Rules to ensure that Application Control always blocks certain applications. Copy: Select an existing rule and click Copy to create a rule based on the existing settings. For more information, see Configuring Application Control Rules.
View or change rules	Click a name in the Rule column.
Delete rules	Select rules and click Delete.
View policy associations	Move the cursor over a number in the Target Policies column to display a list of all policies that implement the rule.