- #ENABLE APPLOCKER WINDOWS 10 HOW TO#
- #ENABLE APPLOCKER WINDOWS 10 UPDATE#
- #ENABLE APPLOCKER WINDOWS 10 WINDOWS 10#
Automatically with an Endpoint Protection Policy.I will divide this blog into multiple parts. It could be a great addition to securing your environment.
#ENABLE APPLOCKER WINDOWS 10 HOW TO#
Thanks for reading my post.This blog is the fourth part of the Endpoint Security Series and it will show you how to configure Windows Defender Application Control (WDAC), aka Device Guard. If you don't have any thoughts on where I might find the info, no worries. It would just be handy to also have what I was fairly confident I'd read somewhere. That's really not the end of the world either - I'm sure I can persuade them with just the statements I've already found. Perhaps - despite my fairly strong memory of reading it - I'm misremembering and it's been possible to use AppLocker on Pro ever since the AppLocker CSP existed. It's not the end of the world if I can't find it. I'm pretty sure I'd read it somewhere and it would be helpful if I could refer to it.
I'm sure he could make the relevant enquiries internally, but as we all know, sometimes it can help move things along a little quicker if you can refer a vendor to their own statements.
#ENABLE APPLOCKER WINDOWS 10 UPDATE#
They still seem unsure that it is fully supported, so I was hoping I could dig out the statements I'd previously read as something that says "it wasn't supported until feature update X when we intentionally added it" as that would be pretty conclusive. This particular engineer didn't seem to be aware of the official support for AppLocker via CSP, so I have provided them with the link I mentioned previously.
His prior understanding is that AppLocker on Pro can sometimes work in practice, but it's unsupported. Again, for reasons that I don't really think are important (and have nothing to do with me "misleading" anyone), it would be handy to be able to pass him the info. It's actually (and rather ironically) to provide to an engineer in MS support that is helping me with a specific issue relating to the use of AppLocker via CSP. To be honest that's a bit presumptuous on your part and not helpful. Nope, no misleading of anyone on my part. I appreciate that this statement confirms the fact that AppLocker is supported on Pro, but for reasons that I won't bother going into right now, it would really be helpful if I could find something official from MS mentioning the fact the change was made and in which feature update.
#ENABLE APPLOCKER WINDOWS 10 WINDOWS 10#
You can only manage AppLocker with Group Policy on devices running Windows 10 and Windows 11 Enterprise, Windows 10 and Windows 11 Education, and Windows Server 2016." "You can use the AppLocker CSP to configure AppLocker policies on any edition of Windows 10 and Windows 11 supported by Mobile Device Management (MDM). All I can find is the below doc with the following statement: However, I can't seem to find it anywhere now. If managed via Group Policy, Enterprise edition is still required.īack when I originally read about this, I could swear I read an official Microsoft doc/blog somewhere that said this was changed fairly recently and in which Win 10 feature update it was introduced. Microsoft have since made it available on Pro edition, but only if it is being managed via Intune (or another MDM). Until relatively recently, use of AppLocker required the Enterprise edition of Windows 10.
0 kommentar(er)
