Using Windows Application Control via an Intune template

Подписаться 9 тыс.

Просмотров 3 тыс.

50% 1

In this video you'll see how to apply Windows Application Control using a standard Intune Endpoint Protection policy. You'll also see how you can use the Microsoft Intelligent Security Graph to also allow 'trusted applications' to run in your environment. Finally, there are are some tips and tricks with this process that will also be shared.

Наука

Опубликовано:

19 июн 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 20

@alanrahal7306 8 месяцев назад

Thanks Robert, nice and easy to understand

@ToTCaMbIu 5 месяцев назад

Great explanation! Any idea how one configures WDAC to be able to override it with a local admin account? e.g. install one single application for a single machine. Similar to what is possible with AppLocker.

@directorcia 5 месяцев назад

WDAC is a device NOT user policy. If you want a user policy use AppLocker. WDAC because it is a device policy is far more secure.

@muhammadhassansiddiqui9129 Месяц назад

Hi Robert, can we allow only notepad to a user and apply only to the user's group

@directorcia Месяц назад

Yes

@fbifido2 Год назад

How can you enable Windows Application Control, plus allow your LOB apps, be it either 32bit or 64bit?

@directorcia Год назад

You will probably need to use a more granular control like custom WDAC policies. But it can be done but custom apps probably need a custom WDAC policy, which can still be deployed via Intune. See my other videos on that here.

@GregThomson Год назад

@directorcia might be worth a video?

@directorcia Год назад

@@GregThomson sorry, far too complicated. Besides that’s WDAC and I have already done a video on that.

@jameseduard2092 Год назад

awesome video guide, how can we manage to control on specific application to block only?

@directorcia Год назад

Create a custom policy

@jameseduard2092 Год назад

@@directorcia awesome thanks, do you have any guide sir, like for example we only want to block only specific apps like brave browser or we can specify which app is block, and not only the trusted Microsoft apps is it possible?

@directorcia Год назад

@@jameseduard2092 Sorry, no. I suggest you consult the MS docs.

@clivebuckwheat 7 месяцев назад

Can you do a white list of trusted apps for your organization?

@directorcia 7 месяцев назад

Yes

@clivebuckwheat 6 месяцев назад

@@directorcia how would I do this?

@directorcia 6 месяцев назад

@@clivebuckwheatI suggest you review the MS docs. Basically instead of a line in the XML file blocking an app you'd have one allowing the app. Provided the software has a cert you could do it by public cert.

@clivebuckwheat 6 месяцев назад

@@directorcia So blocking Apps would be much easier I have too much to white list, on your opinion?

@directorcia 6 месяцев назад

@@clivebuckwheat I block known/unknown bad apps rather than allowing good apps. Far easier yes.