Our client has below mentioned queries regarding SEP deployment.
If client plant to use application whitelisting (allowing specific applications and blocking all the rest), how they can manage below points.
1. MS-updates, patches, service packs... Do we have to manually add every single patch, update and service pack in whitelist everytime or there is some better way to manage such operation? In client scenario, MS udpates, patches and service packs are usually pushed via SCCM server.
2. Hardware drivers.. Similarly client has several different hardware brands in their network with several models. Do they have to manually add/allow each single driver in whitelist or is there some better way for managing this.