How to configure SEP to block applications on managed SEP clients
|Article:TECH105262|||||Created: 2008-01-30|||||Updated: 2009-01-26|||||Article URL http://www.symantec.com/docs/TECH105262|
How do I create a rule to block applications with SEP?
The following steps are basic guidance for creating a policy rule to block various applications for managed SEP clients.
1. Log into the SEPM.
2. Click on the "Policies" icon.
3. Select edit the “Application and Device control” policy.
4. Click on "Application Control" in left hand pane. In the right hand pane, click on the "ADD" button.
5. Type in a context relevant name for the new rule in the "Rule set name" field.
6. Click on the "ADD" button at the bottom and select ADD Rule
7. Right click newly created rule and choose Add ConditionàFile and Folder access Attempts.
8. Click on the "ADD" button for “Apply to following files and folders”.
9. Type in the path for the location of the application/file type (Wild card symbols and system variables are acceptable.).
10. If desired, select the check box for "Only match files on the following drive types" and select the appropriate drive from the options presented.
11. Press "OK"
12. Click on the "Actions" tab and select "Block Access" in either of the “Read Attempt” and “Create, Delete, or Write Attempt” sections.
13. Press "OK"
14. Press "OK"
15. Ensure that the newly edited policy is selected/highlighted and select "Assign the Policy" under "Tasks" in the left hand pane.
16. In the new window presented, under the "Assign Policy" filed, select the respective groups to assign the policy to.
Note: SEP will not interrupt the functionality of MS-Word, Excel, and PowerPoint by default.
Article URL http://www.symantec.com/docs/TECH105262