![]() Let’s look at how to create each condition type.Īnd with configuring AppLocker policies, you can create AppLocker rules using Group Policy or through the Local Security Policy. Here you have three choices: rules that use hash conditions, rules that use path conditions and rules that use publisher conditions. The other consideration is the type of conditions that are to be evaluated by a rule to determine whether an application will be allowed or blocked. The different rule types are separated into rule collections. These types include executable rules, script rules, Windows installer rules, DLL rules and Packaged app/installer rules. Which one will work best for a given application depends on the type of files used. You might recall that you can create five different types of rules. In this section, we’ll show you how to create the different types of rules. Configuring AppLocker Rulesīefore you can audit or enforce AppLocker rules under the policies you’ve created, of course you must have one or more rules to enforce. The procedure is very similar to setting up policies for auditing only.įirst, follow steps 1 through 8 above, but on the Enforcement tab of the AppLocker Properties dialog box, select Enforce rules instead of Audit only. To prevent users from running applications that could present security risks or diminish work productivity, you will want to configure your policies to enforce the rules you’ve created. Configuring enforcement of AppLocker policies Then follow steps 4 through 9 in the list of steps above. To configure a local computer for auditing of AppLocker policies, the procedure is similar, except that you would need to be a member of the Local Admins group and you go through the Local Security Policy snap-in which you can access by typing secpol.msc in the Search Programs and Files box. You can, of course, repeat the procedure if you want to audit more than one rule collection. Select Audit only in the list for the rule collection.Find the rule collection you want to audit and check the Configured check box. ![]()
0 Comments
Leave a Reply. |