Enabling system lockdown to run in blacklist mode

Article:HOWTO81100  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO81100
Article Type
How To


Enabling system lockdown to run in blacklist mode

You can enable system lockdown to block a list of unapproved applications on your client computers. All applications in the unapproved list are blocked. The unapproved list is called a blacklist. Any other applications are allowed. Allowed applications are subject to Symantec Endpoint Protection's other protection features.


You can choose the whitelist or blacklist mode if you set up Symantec Endpoint Protection Manager to show both options.

You should configure system lockdown to block unapproved applications only after the following conditions are true:

  • You tested the system lockdown configuration with the Log Unapproved Applications Only option.

  • You are sure that all of the applications that your client computers should block are listed in the unapproved applications list.

To enable system lockdown to run in blacklist mode

  1. On the console, click Clients.

  2. Under Clients, select the group for which you want to set up system lockdown.

    If you select a subgroup, the parent group must have inheritance turned off.

    See Disabling and enabling a group's inheritance.

  3. On the Policies tab, select System Lockdown.

  4. In the System Lockdown dialog box, select Enable Blacklist Mode.

  5. Click Step 2: Enable System Lockdown. This step blocks any unapproved applications that clients try to run on the client computers in the selected group.

  6. Under Unapproved Applications, make sure that you have included all the applications that your client computers should block.


    A large number of named applications might decrease your client computer performance.

  7. To display a message on the client computer when the client blocks an application, check Notify the user if an application is blocked.

  8. Click OK.

See Making the blacklist mode for system lockdown appear in Symantec Endpoint Protection Manager

See Setting up and testing the system lockdown configuration before you enable system lockdown.

See Configuring system lockdown

Legacy ID


Article URL http://www.symantec.com/docs/HOWTO81100

Terms of use for this information are found in Legal Notices