Determining Group Policy Structure and Rule Enforcement

게시: 2009년 8월

업데이트 날짜: 2009년 12월

적용 대상: Windows 7, Windows Server 2008 R2

This overview topic describes the process for planning to deploy AppLocker rules.

You should review the following topics to learn how to structure AppLocker rules for the targeted business groups in your organization:

When determining how many Group Policy objects (GPOs) to create to apply an AppLocker policy in your organization, you should consider the following:

  • Whether you are creating new GPOs or using existing GPOs

  • Whether you are implementing both Software Restriction Policies (SRP) policies and AppLocker policies in the same GPO

  • GPO naming conventions

  • GPO size limits

There is no default limit on the number of AppLocker rules that you can create. However, GPOs have a 2 MB size limit for performance.

After you have determined your Group Policy structure and rule enforcement, record your findings as explained in Document Group Policy Structure and AppLocker Rule Enforcement.

커뮤니티 추가 항목