AppLocker is a new feature in Windows 7 and Windows Server 2008 R2 that replaces Software Restriction Policies in earlier versions of Windows. Like Software Restriction Policies, AppLocker gives administrators control over which applications standard users can run. Restricting the applications that users can run not only gives greater control over the desktop environment, but it is one of the best ways to reduce the risk of malware infections, limit the possibility of running unlicensed software, and prevent users from running software that IT has not verified as meeting security compliance requirements.
Compared with Software Restriction Policies, AppLocker provides the following benefits:
• Defines rules based on attributes in the digital signature, such as the publisher, filename, and version. This is a tremendously useful feature because it can allow administrators to let users run any version of a signed application, including future versions. For example, consider an IT department that develops and signs a custom application that users should be able to run. In earlier versions of Windows, administrators could create a rule based on the hash of the file, allowing users to run that specific version of the application. If the IT department released an update to the executable file, administrators would need to create a new rule for the update. With Windows 7, administrators can create a rule that applies to current and future versions, allowing updates to be quickly deployed without waiting for rule changes.
• Assigns rules to security groups or individual users.
• Creates exceptions for .exe files. For example, administrators can create a rule that
allows any application to run except a specific .exe file.
• Imports and exports rules, which allow administrators to copy and edit rules easily.
• Identifies files that cannot be allowed to run if a policy is applied by using the auditonly mode.
Source of Information : Windows 7 Resource Kit 2009 Microsoft Press
Subscribe to:
Post Comments (Atom)
Cloud storage is for blocks too, not just files
One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...
-
Many of the virus, adware, security, and crash problems with Windows occu when someone installs a driver of dubious origin. The driver suppo...
-
The Berkeley motes are a family of embedded sensor nodes sharing roughly the same architecture. Let us take the MICA mote as an example. T...
-
Modern computers contain a significant amount of memory, and it isn’t easy to know whether the memory is usable. Because of the way that Win...
No comments:
Post a Comment