Are there any special considerations?
By default, AppLocker rules do not allow users to open or run any files that are not specifically allowed. Administrators should maintain an up-to-date list of allowed applications.
Expect an increase in the number of help desk calls initially because of blocked applications. As users begin to understand that they cannot run applications that are not allowed, the help desk calls may decrease.
There is minimal performance degradation because of the runtime checks.
Because AppLocker is similar to the Group Policy mechanism, administrators should understand Group Policy creation and deployment.
AppLocker rules cannot be used to manage computers running a Windows operating system earlier than Windows 7.
If AppLocker rules are defined in a GPO, only those rules are applied. To ensure interoperability between Software Restriction Policies rules and AppLocker rules, define Software Restriction Policies rules and AppLocker rules in different GPOs.
When an AppLocker rule is set to Audit only, the rule is not enforced. When a user runs an application that is included in the rule, the application is opened and runs normally, and information about that application is added to the AppLocker event log.
|