Application control policies
Application Control policies determine if application actions can be run by particular end users before an application starts. Each policy contains filters and actions.
The following policies are available in the Application Control Solution:
- Create Application Control policies
- Application analysis policies
- Application firewall policies
- Privilege management policies
- Process hardening policies
- Tracking policies
- Whitelisting policies
If you right-click the Application Control > Policies folder, you can create the following New policies:
Application Compatibility Testing Policy - Application Compatibility Testing policy that only applies to test computers.
Application Control Test Policy - Application Control policy that only applies to test computers.
Application Firewall Policy - This policy can be used to enforce firewall rules on applications that have been classified.
Automate Document Encryption - This policy will automate the encryption of a number of common document types created or modified by an application.
Blank Application Control Policy - This policy is empty and ready to be configured with custom actions.
Deny Application Execution - This policy prevents processes from running.
Elevate Process Rights - This policy will elevate the applications that are targeted.
Meter Application Usage - This policy meters all application usage for the specified applications.
Prevent Windows Hooking - This policy prevents an application from installing Windows API hooks.
Quarantine Application - This policy prevents the specified applications from running and places them in a quarantine folder.
Reference System Whitelist - This policy template is used to create a File Scan Policy for the reference system(s) and an Application Control policy to whitelist those files.
Restrict Process Rights - This policy implements the fundamental security principle of least privilege by restricting the process rights for an application. Unnecessarily running applications with administrative rights can present significant security problems. This policy reduces the risk of an exploit infecting a computer from within an application.
Run Application in Read-Only Mode - This policy prevents an application from modifying or creating new executable files. All executable files can be opened only in read-only mode.
Run Application in Workspace Virtualization Layer - This policy captures and isolates all changes made by an application to the file system or registry in the Application Control SVS layer.
Whitelist Software Delivery Packages - This policy template can be used to automatically whitelist packages that are being delivered through Software Delivery.