Who will be interested in this feature?

AppLocker can help organizations that want to:
 Limit the number and type of files that are allowed to run by preventing unlicensed or malicious software from running and by restricting the ActiveX controls that are installed.

 Reduce the total cost of ownership by ensuring that workstations are homogeneous across their enterprise and that users are running only the software and applications that are approved by the enterprise.
 Reduce the possibility of information leaks from unauthorized software.
AppLocker may also be of interest to organizations that currently use Group Policy objects (GPOs) to manage Windows-based computers or have per-user application installations.
Are there any special considerations?
 By default, AppLocker rules do not allow users to open or run any files that are not specifically allowed. Administrators should maintain an up-to-date list of allowed applications.
 Expect an increase in the number of help desk calls initially because of blocked applications. As users begin to understand that they cannot run applications that are not allowed, the help desk calls may decrease.
 There is minimal performance degradation because of the runtime checks.
 Because AppLocker is similar to the Group Policy mechanism, administrators should understand Group Policy creation and deployment.
 AppLocker rules cannot be used to manage computers running a Windows operating system earlier than Windows 7.
 If AppLocker rules are defined in a GPO, only those rules are applied. To ensure interoperability between Software Restriction Policies rules and AppLocker rules, define Software Restriction Policies rules and AppLocker rules in different GPOs.
 When an AppLocker rule is set to Audit only, the rule is not enforced. When a user runs an application that is included in the rule, the application is opened and runs normally, and information about that application is added to the AppLocker event log.
Which editions include AppLocker?
AppLocker is available in all editions of Windows Server 2008 R2 and in some editions of Windows 7.
Note
At least one Windows Server 2008 R2 domain controller is required to host the AppLocker rules.