Application Control provides you with the ability to control which users have access
to
specific applications on certain endpoints. You have the option of creating an overall
endpoint-based policy or, if integrated with Active Directory, very granular user-based
policies per endpoint.
After determining the scope of the policy, you can create application
matching criteria that define which applications to allow, block, or monitor. For
experienced users, you can create
Lockdowncriteria that only allow trusted applications to execute and block all applications not explicitly allowed by the rules.