Bryan O'Connor | 20 May 2013

Applocker can be used to restrict or allow which software can be run by end users.

One of the courses I teach is the Microsoft Windows 2012 Installing and Configuring course, the Microsoft designation is the 20410B .

In the presentation, we look implementing App Locker Policies.

AppLocker, which was introduced in the Windows 7 operating system and Windows Server 2008 R2, is a security setting feature that controls which applications users are allowed to run.

AppLocker provides administrators a variety of methods for determining quickly and concisely the identity of applications that they may want to restrict, or to which they may want to permit access. You apply AppLocker through Group Policy to computer objects within an OU. You can also apply Individual AppLocker rules to individual AD DS users or groups.

AppLocker also contains options for monitoring or auditing the application of rules. AppLocker can help organizations prevent unlicensed or malicious software from executing, and can selectively restrict ActiveX® controls from being installed. It can also reduce the total cost of ownership by ensuring that workstations are standardized across the enterprise, and that users are running only the software and applications that are approved by the enterprise.

Using AppLocker technology, companies can reduce administrative overhead and help administrators control how users can access and use files, such as .exe files, scripts, Windows Installer files (.msi and .msp files), and DLLs.

You can use AppLocker to restrict software that:

  • Is not allowed to be used in the company. For example, software that can disrupt employees' business productivity, such as social networking software, or software that streams video files or pictures that can use a large amounts of network bandwidth and disk space.
  • Is no longer used or it has been replaced with a newer version. For example, software that is no longer maintained, or for which licenses have expired.
  • Is no longer supported in the company. Software that is not updated with security updates might pose a security risk.
  • Should be used only by specific departments.

The demonstration is available at the BryanQA Youtube site

Bryan O'Connor

Senior Technical Instructor

Bryan O’Connor is a Senior Technical Instructor at QA, teaching VMware, Microsoft and CompTIA courses. In the past, Bryan has also been certified by Novell as a MCNI (Master Certified Novell Instructor). Bryan started in the world of IT in 1986 and has worked in a variety of roles ranging from PC support technician to Network design and consultancy, to Virtualisation consultant. At last count, Bryan held over 40 professional VMware, Microsoft, Novell and CompTIA certifications. Bryan has advised many large organisations on their IT and project management needs to allow them to benefit from the increase in productivity provided by computer systems. In addition to teaching, Bryan does a variety of jobs in QA, including supporting the sales staff and setting up the classrooms. Outside of QA, Bryan enjoys spending time with his wife Tracey and their two daughters Meagan and Jessica, unless there’s a grand prix on the TV when he enjoys paying Tracey, Meagan and Jessica to disappear for the day.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.