As a further note, make sure that enterprise rollup installed on everything, it fixes so much stuff with Group Policy. Just reams of stuff.
From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Tuesday, February 9, 2016 10:53 AM To: [email protected] Subject: [adgpo] RE: Anyone Running AppLocker on Servers? Just heard from a friend. If any of those servers are 2008r2, be sure to have the enterprise hotfix rollup installed on them. https://support.microsoft.com/en-us/kb/2775511 It contains updated dlls that fix bugs with applocker. (He had a bad time with some applocker policies until this was installed.) ________________________________ From: [email protected]<mailto:[email protected]> [[email protected]] on behalf of Kevin Kaminski [[email protected]] Sent: Friday, January 29, 2016 11:48 AM To: [email protected]<mailto:[email protected]> Subject: [adgpo] RE: Anyone Running AppLocker on Servers? I dug up some articles on using SCOM to provide real time alerting and reporting so hopefully what I got will be good enough. I guess we will see if we get to do a POC. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Darren Mar-Elia Sent: January 28, 2016 1:29 PM To: [email protected]<mailto:[email protected]> Subject: [adgpo] RE: Anyone Running AppLocker on Servers? I think what you will lack with Applocker vs. a 3rd party product is centralized reporting. Beyond that, it's a pretty capable app whitelisting feature for an in-the-box feature. Darren Darren Mar-Elia President & Founder - www.sdmsoftware.com<http://www.sdmsoftware.com/> -- "The Configuration Experts" +1-415-226-1308 [email protected]<mailto:[email protected]> FOLLOW US ONLINE!: Twitter: http://www.twitter.com/grouppolicyguy Facebook: http://www.facebook.com/sdmsoftware YouTube: http://www.youtube.com/sdmsoftware From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kevin Kaminski Sent: Thursday, January 28, 2016 11:52 AM To: [email protected]<mailto:[email protected]> Subject: [adgpo] RE: Anyone Running AppLocker on Servers? I have a client that is currently using McAfee to do the same task but they are looking at AppLocker to replace that product. I think I found a reference to help the customer feel better about trying AppLocker in this context. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of [email protected]<mailto:[email protected]> Sent: Tuesday, January 26, 2016 3:02 PM To: [email protected]<mailto:[email protected]> Subject: [adgpo] RE: Anyone Running AppLocker on Servers? What are you looking to lockdown? If you are thinking about enabling this on existing servers, I highly advise you put it in audit mode and run that for a month. then look at the logs to see what would have been blocked. AppLocker is a sure-fire way to break stuff, if you don't take your time when implementing. ________________________________ From: [email protected]<mailto:[email protected]> [[email protected]] on behalf of Kevin Kaminski [[email protected]] Sent: Tuesday, January 26, 2016 4:19 PM To: [email protected]<mailto:[email protected]> Subject: [adgpo] Anyone Running AppLocker on Servers? Hi, I am trying to help out some Microsoft presales guys in Canada. Has anyone ever used AppLocker on regular servers? i.e. not RDS or VDI but normal server workloads.
