SEP 12.x: Want to restrict people installing applications
Hi all. I haven't gotten into the App & Device control aspects of SEP all that much yet. Once in the past I enabled the checkmark in Device Control that prevents apps from launching from USB devices, but that caused all BlackBerry users to be unable to use their Desktop Manager software so I decided to not use this feature any further until more itme couldc be spent testing, which hasn't occured yet.
Anyway, lately there has been a rash of adware/junkware getting installed on the systems at more than one of my customers. Center to this seems to be this cursed Conduit Search Protect. Freakin' bstards whoever makes that software. Systems end up getting that on there, then a bunch of toolbars, "computer optimizers" and all that crapware that the idiots of the world make get on there. Sortry to rant, I'm just tired of trying to remove such stupid adware as otshot and what not (yes, that rhymes cuz I rhymes all the times). A lot of that stuff never uninstalls cleanly so we end up with "run DLL" errors on login and so forth.
Ok all bad jokes aside, I want to restrict all users on a network from being able to install software, but i need to leave them as local admins on their own machine thus AD or local security policy gpediting is not an option I think. Some customers are not using AD anyway so a universal solution is more ideal. I was wondering if App control in SEP can get this done?