Shulou(Shulou.com)06/01 Report--

How to restrict the software running through the application control policy in the local security policy in windows? aiming at this problem, this article introduces the corresponding analysis and solution in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible method.

1. Open the control panel and select the management tool. As shown in the following figure:

2. Select a local security policy. As shown in the following figure:

3. After opening the local security policy, open the "Application Control Policy"-click "Applocker". As shown in the following figure:

4. After opening Applocker, the figure is as follows:

5. Before setting the rules, make sure whether the Application Identity service is set to start automatically. Only when the service is started, the Applocker setting takes effect. The opening method is the same as step 1. After opening the search, enter "Services.msc" to open the service settings interface. As shown in the following figure:

6. Select automatic, and click start. As shown in the following figure:

7. Next, you can set up a specific project, first of all, choose to configure mandatory rules. As shown in the following figure:

8. You can see in the Enforcement tab, you can set whether each rule set enforces applocker rules. There are two options: mandatory rules and audit only. When set to mandatory rules, the set rules will be enforced. When set to audit only, the set rules will be recorded in the log after they take effect, but will not really take effect. As shown in the following figure:

9. Take setting executable rules as an example, select executable rules in the Applocker interface. As shown in the following figure:

10. Right-click and select create a new rule. As shown in the following figure:

Click "next". As shown in the following figure:

12. Set whether the rule allows or denies the rule, and you can choose the user or user group for which to target. As shown in the following figure:

13, set conditions, there are three kinds of conditions, publisher, path and file hash, according to the demand. As shown in the following figure:

14. Take file hashing as an example, disable the notes mailbox program. First select File Hash as shown in the following figure:

15. Select the application that uses the setting rules. Take "notes.exe" as an example, and then click next. As shown in the following figure:

16. Enter the name and description of the rule, and click create. As shown in the following figure:

17. The procedure rules have been established and will take effect after restart.

This is the answer to the question about how to restrict the operation of the software through the application control policy in the local security policy in windows. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.