Application Control provides you with the ability to control which users have access
to
specific applications on certain endpoints. You have the option of creating an overall
endpoint-based policy or, if integrated with Active Directory, very granular user-based
policies per endpoint.
After determining the scope of the policy, you can create application
matching criteria that define which applications to allow, block, or monitor. For
experienced users, you can create
Lockdowncriteria that only allow trusted applications to execute and block all applications not explicitly allowed by the rules.
 |
ImportantTo minimize potential impact on critical system operations, Application Control does
not monitor or block applications (for example,
cmd.exe or powershell.exe) located in the system32 folder on Windows platforms.If a system issue occurs due to a blocked application process, first check your Application
Control settings.
|