Managed Desktops and Application Whitelisting
Learn about the importance of application whitelisting for managing desktop security effectively. Discover what application whitelisting is, reasons for implementing it, setting up policies, troubleshooting challenges, and common security layers. Find out how it can enhance security by controlling application execution and why it is crucial to care about it. Explore the problems solved by application whitelisting and the implementation options like Microsoft AppLocker for Windows systems.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Application Whitelisting and Your Managed Desktops Aakash Shah / Jeremy Paje August 15, 2018
Application Whitelisting and Your Managed Desktops About Us Jeremy Paje Manager, Desktop Support Services Office of Information Technology Aakash Shah Systems Engineer, Windows Services Group Office of Information Technology 2
Application Whitelisting and Your Managed Desktops Overview What is Application Whitelisting? Reasons for implementing Setting up AppLocker policies Troubleshooting AppLocker Challenges Questions 3
Application Whitelisting and Your Managed Desktops Question for you 4
Application Whitelisting and Your Managed Desktops Common security layers Antivirus Firewall (software) Firewall (hardware) Patching IPS *Application whitelisting 5
Application Whitelisting and Your Managed Desktops What is Application Whitelisting? Ways to control application execution Trust Centric Default Deny, allow only files on whitelist to run. (recommended) Threat Centric Default Allow, block files on blacklist from running. 6
Application Whitelisting and Your Managed Desktops Why should we care? 7
Application Whitelisting and Your Managed Desktops Problems Before Application Whitelisting (Even on patched machines even without admin rights) 8
Application Whitelisting Microsoft AppLocker Windows 10 Enterprise/Education, Windows 7 Enterprise Group Policy 9
First things first Test, test, test... 10
Application Whitelisting and Your Managed Desktops Where Are The AppLocker Policies? 11
Application Whitelisting and Your Managed Desktops Configure Rule Enforcement 12
Application Whitelisting and Your Managed Desktops Enable DLL Rules 13
Application Whitelisting and Your Managed Desktops 14
Application Whitelisting and Your Managed Desktops Create Default Rules 15
Application Whitelisting and Your Managed Desktops Default Rules View 16
Application Whitelisting and Your Managed Desktops Adding Custom Rules 18
Application Whitelisting and Your Managed Desktops 19
Application Whitelisting and Your Managed Desktops 20
Logs 23
Recommendations/Tips Store apps - NT AUTHORITY\SYSTEM Writable folders under C:\Windows AppLocker variables DLLs 24
Application Whitelisting and Your Managed Desktops Challenges Types of problems we see: I need to log into this webinar now! Errors while installing applications Issued To certificate attribute changes AppLocker rule limitations Constrained Language Mode in PowerShell 25
Application Whitelisting and Your Managed Desktops Questions? Jeremy Paje Manager, Desktop Support Services Office of Information Technology jpaje@uci.edu Aakash Shah Systems Engineer, Windows Services Group Office of Information Technology aakash.shah@uci.edu Click Here To Audio Of This Presentation 26
