Endpoint Protection

 View Only

  • 1.  Application Blocking policy

    Posted Oct 28, 2012 05:53 AM

    Hi

    I want to know how can i block a application from running

    Regards



  • 2.  RE: Application Blocking policy

    Broadcom Employee
    Posted Oct 28, 2012 05:59 AM

    example of blocking msn application , similarly you can use to block the file/application you want

    https://www-secure.symantec.com/connect/forums/block-msn

    https://www-secure.symantec.com/connect/forums/how-block-applications-sep-using-md5

     

    Symantec Endpoint Protection Manager - Application and Device Control - Policies explained

    http://www.symantec.com/docs/TECH104431

    WhitePaper on Application and Device Control:

    http://www.symantec.com/avcenter/security/ADC/Configuring_Application_Control_1.1.pdf

    Best Practices for Deploying Symantec Endpoint Protection's Application and Device Control Policies

    http://www.symantec.com/docs/TECH181679

    http://www.symantec.com/docs/TECH145973



  • 3.  RE: Application Blocking policy



  • 4.  RE: Application Blocking policy

    Broadcom Employee
    Posted Oct 28, 2012 06:02 AM

    also check this

    Block Software By Fingerprint
     
    https://www-secure.symantec.com/connect/articles/block-software-fingerprint
     
    How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage
     
    http://www.symantec.com/business/support/index?page=content&id=TECH97618


  • 5.  RE: Application Blocking policy

    Posted Oct 28, 2012 07:41 AM
      |   view attached

    Find the attach Application and Device Control.pdf, read the same it can help you to create the ADC policy

    Attachment(s)

    pdf
    Application and Device Control_0.pdf   1.82 MB 1 version


  • 6.  RE: Application Blocking policy

    Broadcom Employee
    Posted Oct 29, 2012 01:52 AM

    Hi,

    You should learn both the concepts i.e.. Application learning & System lockdown

    Application Learning

    The Windows Symantec Endpoint Protection client monitors and collects information about the applications and the services that run on each computer. You can configure the client to collect the information in a list and send the list to the management server. The list of applications and their characteristics is called learned applications.

    You can use this information to find out what applications your users run. You can also use the information when you need information about applications in the following areas:

    Monitoring applications and services that run on client computers

    http://www.symantec.com/docs/HOWTO55218

    System Lockdown:

    Setting up system lockdown

    http://www.symantec.com/docs/HOWTO27320

    Check this article for more reference:

    https://www-secure.symantec.com/connect/forums/sep...



  • 7.  RE: Application Blocking policy

    Trusted Advisor
    Posted Oct 29, 2012 11:00 AM

    Hello,

    You could block an application via Application Control OR via System Lockdown.

    For Application Control, check these Articles:

    About best practices for creating application control rules

    http://www.symantec.com/docs/HOWTO55145

    How to configure Application Control in Symantec Endpoint Protection 11.0 : Configuring Application Control Policies

    http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/7049d06ba3c9e86f802573620054d9c2?OpenDocument

    How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage

    http://www.symantec.com/docs/TECH97618

    and
     

    For System Lockdown, please check these Articles:

    Configuring system lockdown

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55130

    About system lockdown

    http://www.symantec.com/business/support/index?page=content&id=HOWTO27322

    Managing file fingerprint lists

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55133

    Running system lockdown in test mode

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55131

    Enabling system lockdown to block unapproved applications

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55132

    Check this thread: http://www.symantec.com/connect/forums/system-lockdownis-it-working

    Monitoring the applications and services that run on client computers

    http://www.symantec.com/docs/HOWTO55218

    You can use a query tool to search for the list of applications that the client computers run. You can search on application-based criteria or computer-based criteria. For example, you can find out the version of Internet Explorer that each client computer uses.

    See Searching for information about the applications that the computers run.

    You can save the results of an application search for review.

    See Saving the results of an application search.

    Hope that helps!!



  • 8.  RE: Application Blocking policy

    Posted Oct 31, 2012 01:27 AM

    Hi

    Please find the link below and let me know if it helps

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55145&actp=search&viewlocale=en_US&searchid=1351661150763

    Regards