Dmitri Stalnuhhin - Fotolia

Q
Get started Bring yourself up to speed with our introductory content.

How does Windows AppLocker work?

Windows AppLocker lets you use rules to whitelist or block applications based on attributes such as publisher or path, but it's not a comprehensive application control tool.

Windows AppLocker is a collection of Group Policy features you can use to control which applications are allowed to run on a system.

First introduced with Windows 7, AppLocker was created as a replacement for Windows' ineffective Software Restriction Policies  -- which still exist, even in Windows 10.

The Windows AppLocker settings exist within the Group Policy Object Editor at Computer Configuration > Windows Settings > Security Settings > Application Control Policies > AppLocker.

AppLocker is based on a series of rules that either allow an application to run or prevent it from running. There are four main types of AppLocker rules, and rules can be applied on a per-user or per-group basis. The rule types include Executable Rules, Windows Installer Rules, Script Rules and Packaged App Rules. These rules use application attributes as a mechanism to identify applications. For example, Executable Rules and Windows Installer Rules can identify an application based on its publisher, path or file hash.

AppLocker works, but it is far from perfect. It is a good tool for blocking specific applications. For example, if you want to phase out an application, you could create an AppLocker rule to prevent workers from using it. If on the other hand, your goal is to allow only certain applications to run, then you are probably be better off using a third-party tool. It is difficult to create a comprehensive set of rules for AppLocker, and something as simple as a software patch can render certain types of rules ineffective. As such, AppLocker is best suited for small jobs rather than comprehensive application protection.

Next Steps

How to whitelist applications in Windows 7

Use AppLocker to control RDS apps

Bypass AppLocker whitelists with one command

This was last published in June 2016

Dig Deeper on Endpoint security management tools

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Which application control tool do you use instead of AppLocker?
Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close