Thursday, July 9, 2009

What's New in AppLocker

What are the major changes?
Windows AppLocker is a new feature in Windows® 7 and Windows Server® 2008 R2 that replaces the Software Restriction Policies feature. AppLocker contains new capabilities and extensions that reduce administrative overhead and help administrators control how users can access and use files, such as .exe files, scripts, Windows Installer files (.msi and .msp files), and DLLs.
What does AppLocker do?
Using AppLocker, you can:
- Define rules based on file attributes derived from the digital signature, including the publisher, product name, file name, and file version. For example, you can create rules based on the publisher and file version attributes that are persistent through updates, or you can create rules that target a specific version of a file.

  AppLocker rules specify which files are allowed to run. Files that are not included in rules are not allowed to run.
- Assign a rule to a security group or an individual user.

  Note: You cannot assign AppLocker rules to Internet zones, individual computers, or registry paths.
- Create exceptions for .exe files. For example, you can create a rule that allows all Windows processes to run except Regedit.exe.
- Use audit-only mode to identify files that would not be allowed to run if the policy were in effect.
- Import and export rules.
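
The capabilities listed above, combined in one audit-only policy that is checked, imported and exported with the AppLocker PowerShell cmdlets. This is an added example, not part of the original post; the rule names, GUIDs, the Contoso publisher and the output file names are constructed for illustration.

```powershell
# Added example: GUIDs, rule names, the Contoso publisher and file names are constructed.
Import-Module AppLocker

# Exe rule collection in AuditOnly mode: would-be blocks are logged, nothing is stopped.
# Rule 1: path rule for Everyone (S-1-1-0) allowing the Windows folder, with an
#         exception for Regedit.exe.
# Rule 2: publisher rule for BUILTIN\Administrators (S-1-5-32-544) allowing version
#         2.0.0.0 and later of one product, so it keeps matching after updates.
$policyXml = @'
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
    <FilePathRule Id="11111111-1111-1111-1111-111111111111" Name="Windows folder except Regedit"
                  Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\*" />
      </Conditions>
      <Exceptions>
        <FilePathCondition Path="%WINDIR%\regedit.exe" />
      </Exceptions>
    </FilePathRule>
    <FilePublisherRule Id="22222222-2222-2222-2222-222222222222" Name="Contoso App 2.0 and later"
                       Description="" UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions>
        <FilePublisherCondition PublisherName="O=CONTOSO LTD, L=REDMOND, S=WASHINGTON, C=US"
                                ProductName="CONTOSO APP" BinaryName="*">
          <BinaryVersionRange LowSection="2.0.0.0" HighSection="*" />
        </FilePublisherCondition>
      </Conditions>
    </FilePublisherRule>
  </RuleCollection>
</AppLockerPolicy>
'@

$policyPath = Join-Path $env:TEMP 'applocker-audit.xml'
Set-Content -Path $policyPath -Value $policyXml -Encoding UTF8

# Dry run: evaluate the rules against real files without applying anything.
Test-AppLockerPolicy -XmlPolicy $policyPath -User Everyone `
    -Path "$env:WINDIR\regedit.exe", "$env:WINDIR\notepad.exe" |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize

# Import into the local policy (elevated prompt required); -Merge keeps existing rules.
Set-AppLockerPolicy -XmlPolicy $policyPath -Merge

# Export the local policy for backup or transfer to another computer.
Get-AppLockerPolicy -Local -Xml | Out-File (Join-Path $env:TEMP 'applocker-export.xml')
```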
