You’ve probably heard about software restriction policies. These policies are created in Windows Active Directory Group Policy and allow you to deny applications or allow applications at the desktop. Of course, denying “bad” applications using blacklisting is like chasing your tail. You’ll never be able to identify all the “bad” applications users might use. However, whitelisting applications is a realistic goal. The trick is to determine what are your “good” applications.
In the past you might have avoided software restriction policies because you thought it was too hard to determine what applications the users are using and that deploying a dysfunctional software restriction policy could get you into hot water with your users and worse, with your boss.
The good news is that there are number of techniques that you can use to determine what the “good” applications are in your environment. You can then use this information to create your white list applications and configure those into software restriction policies.
For more information on how to detect your white list applications and how to configure the software restriction policy, check out:
http://technet.microsoft.com/en-us/magazine/cc510322(TechNet.10).aspx
HTH,
Thomas W Shinder, M.D.
Site: http://www.isaserver.org/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP – Microsoft Firewalls (ISA)