Working with AppLocker Policies
Updated: May 2, 2012
Applies To: Windows 8.1, Windows Server 2012 R2, Windows Server 2012, Windows 8
This topic provides links to procedural topics about creating, maintaining, and testing AppLocker policies in Windows Server® 2012 and Windows® 8.
AppLocker helps reduce administrative overhead and helps reduce the organization's cost of managing computing resources by decreasing the number of help desk calls that result from users running unapproved applications. AppLocker addresses the following application security scenarios:
AppLocker has the ability to enforce its policy in an audit-only mode where all application access activity is registered in event logs. These events can be collected for further analysis. Windows PowerShell cmdlets also help you analyze this data programmatically.
Protection against unwanted software
AppLocker has the ability to deny applications from running when you exclude them from the list of allowed applications. Once AppLocker rules are enforced in the production environment any application that is not covered by the allow rules is blocked from executing.
AppLocker can help you create rules that preclude unlicensed software from running and restricting licensed software to authorized users.
AppLocker policies can be configured to allow only supported or approved applications to run on computers within a business group. This permits a more uniform application deployment.
AppLocker includes a number of improvements in manageability as compared to its predecessor Software Restriction Policies (SRP). Importing and exporting policies, automatic generation of rules from multiple files, audit-only mode deployment and PowerShell cmdlets are a few of the improvements over SRP.
For more information about how AppLocker policies work, see the AppLocker Overview.
For information about Software Restriction Policies and AppLocker policies, see Use AppLocker and Software Restriction Policies in the Same Domain.