A powerful security tool introduced with Windows Server 2008 R2 and expanded in Windows Server 2012, AppLocker is a group policy based component providing an application whitelisting feature set. Application whitelisting restricts software running on the system to a predefined list of allowed software (white list). The configuration and management of the list is based on granular business logic combining filenames, locations, unique hash values, and even digital signatures.

To provide additional support during deployments, AppLocker can be run in audit only mode, recording applications that would be blocked if the policy was enforced. The combination of audit mode, the inherent flexibility of group policies, and the limited set of required ...

Get Windows Server® 2012 Unleashed now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.