Shulou(Shulou.com)06/02 Report--

This article will explain in detail what are the application rules of software restriction strategy in computer network. The editor thinks it is very practical, so I share it with you as a reference. I hope you can get something after reading this article.

Application rules are: 1, certificate rules, you can identify software by signing certificates; 2, hash rules, used to uniquely identify a software program or file; 3, Internet regional rules, only applicable to "Windows Installer" packages; 4, path rules, identify software according to the file path of the software.

The operating environment of this tutorial: windows7 system, Dell G3 computer.

Using software restriction policies, you can protect your computing environment from untrusted software by identifying and specifying software that is allowed to run. The default security level for Group Policy objects can be defined as "unrestricted" or "disallowed" (GPO) to allow or disallow software by default. You can make an exception to this default security level by creating software restriction policy rules for specific software. For example, when the default security level is set to "not allowed", you can create rules that allow specific software to run. The types of rules are as follows:

1. Certificate rules

Software restriction policies can also identify software by signing certificates. You can create a certificate rule to identify the software, and then allow or disallow to run the software according to the security level. For example, you can use certificate rules to automatically trust software from trusted sources in the domain without prompting users. You can also use certificate rules to run files in the disallowed zone of the operating system. Certificate rules are not enabled by default.

When you use Group Policy to create rules for a domain, you must have permission to create or modify group policy objects. If you want to create rules for the local computer, you must have administrative credentials on that computer.

2. Hash rules

A hash is a series of bytes of fixed length that uniquely identify a software program or file. The hash is calculated by the hash algorithm. After you create a hash rule for a software program, the software restriction policy calculates the hash of the program. When a user tries to open a software program, the hash of the program is compared with the existing hash rules of the software restriction policy. No matter where the software program is located on the computer, the hash of the program is always the same. However, if the software program is changed in any way, its hash will also change and no longer match the hash in the hash rule of the software restriction policy.

For example, you can create a hash rule and set the security level to disallow to prevent users from running specific files. You can rename a file or move it to another folder, while the hash remains the same. However, if any changes are made to the file, its hash value is also changed and it is allowed to bypass the limit.

3. Internet area rules

The Internet zone rule applies only to Windows Installer packages. Zone rules can identify software in an area specified by Internet Explorer. These zones are Internet, Local Intranet, restricted sites, trusted sites, and my computer. Internet zone rules are used to prevent users from downloading and installing software.

4. Path rules

The path rule identifies the software according to its file path. For example, if your computer's default security level is not allowed, you can still grant each user unrestricted access to a specific folder. You can create a path rule by using the file path and setting the security level of the path rule to "unrestricted". Some common paths to this type of rule are% userprofile%,% windir%,% appdata%,% programfiles%, and% temp%. You can also create registry path rules that use the software's registry key as its path.

Because these rules are specified by path, if you move the software program, the path rules will no longer apply.

This is the end of this article on "what are the application rules of software restriction policies in computer networks?". I hope the above content can be of some help to you, so that you can learn more knowledge. If you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.