AppLocker is a new feature in Windows 7 and Windows Server 2008 R2 that replaces Software Restriction Policies in earlier versions of Windows. Like Software Restriction Policies, AppLocker gives administrators control over which applications standard users can run. Restricting the applications that users can run not only gives greater control over the desktop environment, but it is one of the best ways to reduce the risk of malware infections, limit the possibility of running unlicensed software, and prevent users from running software that IT has not verified as meeting security compliance requirements.
Compared with Software Restriction Policies, AppLocker provides the following benefits:
• Defines rules based on attributes in the digital signature, such as the publisher, filename, and version. This is a tremendously useful feature because it can allow administrators to let users run any version of a signed application, including future versions. For example, consider an IT department that develops and signs a custom application that users should be able to run. In earlier versions of Windows, administrators could create a rule based on the hash of the file, allowing users to run that specific version of the application. If the IT department released an update to the executable file, administrators would need to create a new rule for the update. With Windows 7, administrators can create a rule that applies to current and future versions, allowing updates to be quickly deployed without waiting for rule changes.
• Assigns rules to security groups or individual users.
• Creates exceptions for .exe files. For example, administrators can create a rule that
allows any application to run except a specific .exe file.
• Imports and exports rules, which allow administrators to copy and edit rules easily.
• Identifies files that cannot be allowed to run if a policy is applied by using the auditonly mode.
Source of Information : Windows 7 Resource Kit 2009 Microsoft Press
One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...
On today’s Internet, IPv4 has the following disadvantages: • Limited address space. The most visible and urgent problem with using IPv4 on ...
The following are the advantages of WAP: ● Implementation near to the Internet model; ● Most modern mobile telephone devices support WAP; ...
Many of the virus, adware, security, and crash problems with Windows occu when someone installs a driver of dubious origin. The driver suppo...