I know this is a huge question for others as well!!
I've got my app control rules that prevent certain things from happening in the user profile area.
However, I need to allow SOME things to access, create or run files in the user profile area.
Good example is Word and Outlook need to be able to create HTML files for use as email signatures.
Some applications, like "webinar" apps need to install files in the user profile area. I need to allow this.
There are two ways that I see, and it's confusing!
I can create the rule, and say "prevent * from accessing these areas" then below, create the specific exceptions.
OR, I can do like in this image, do a two leve thing where the top defins things I want to run or allow, and the bottom does the blocking.
HOWEVER, I'm unclear - WHICH do I choose and how............
In this image here, do I choose "continue processing other rules" or, do I choose "allow access" and what the @!#$ is the difference?????
Say I want to put winword.exe at the top, and have SEP ignore it, which would I choose of the above?
Or, do I simply create a single level rule, say apply to * then below say do not apply to word?
Which is better or preferred, what's the differences????????
Looks like 10 ways to get the same thing, but it seems, it's not working the way I have it here! SEP still blocks these things unless lower down, I say do not apply to these.
So here - do I choose allow access, or continue processing other rules?
Seems I need to add them down below, too, in the next section........... help please!