Endpoint Protection

Hi All,

I'm looking at the possibility of using Application and Device control to prevent users from running any applications not deemed necessary.

How can I prevent access to all applications with the expection of required windows apps and a set list(Office etc?)

Thanks

Dean

Sounds like you'd want to start with the System Lockdown feature first. You can grab a fingerprint list of your golden image and start from there.

http://www.symantec.com/docs/HOWTO80849

http://www.symantec.com/docs/HOWTO80848

Thanks for that. It looks like it will work.

I'm tring it now. I've set to blacklist everything without any exceptions as I hope to be able to identify required apps and add them to a white list later.

I have selected the option to "Log unapproved Applications" but after 1 hour nothing is showing. Have I configured it wrong or do I need to give it more time?

Which mode did you enable?

I enabled "Log unapproved Applications"

Whitelist or Blacklist?

Additionally, do you have the applicationa nd device control component installed? It's required for system lockdown.

I wasn't able to get the "Log Unapproved Applications" to log anything but I was able to implement the Lockdown.

We had have an issue with a few legitimate programs already installed being block.

I'd like to know if Windows Updates will cause issues with this configuration. Will we need to take a new finger print after every update?

As an alternative we have being looking at Application Control again. This time though we'd like to allow applications to run only if they are in certain directories.

I've been unable to get this to work though, Any help on this would be appriciated.