How can i Block Browser like Opera,Firefox etc via SEPM
You need to create a rule to block the executables using application and device control
You can also use application and device control to block applications from running
Login to Symantec Endpoint Protection Manager. and Select the Policies .
Select Application and Device Control from under the View Policies menu.
Select Add and Application and Device Control from under the Tasks menu.
Select Application Control from under the Application and Device Control menu on the left side.
Select Add a new window will appear.
Select Add next to the field labeled Apply this rule to the following process.
With in the box type * .
Leave all other settings the same. Click OK.
On the left side there will be a box labeled Rules. Within it, you should see the rule listed you are working with.
Right click the rule and select Add Condition.
Select Launch Process Attempts, a new window will open.
With in the box type <process name>.exe. This will be the exact name of the executable that is going to be blocked.
From the same window, select the Actions tab from the top middle.
From within the Launch Process Attempt box select Block access.
Select OK again from the Application Control screen.
And then Select Assign.
additionally There is a default application control policy called "Block applications from running"
Simply add the applications you want to block (by name or MD5 hash) into the policy where instructed and that will block them.
It's suggested to block the application with the help of MD5 value because smart user can rename the explorer.exe and try to access it.
I would suggest to test it before implementing in production environment.
Can refer this article:
Configuring Application and Device Control
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<