mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-13 13:57:22 +00:00
added WD DG and AppLocker topic
This commit is contained in:
Justin Hall
parent
2ceed808fb
commit
0a7930cea1
@ -28,6 +28,7 @@
|
||||
### [Use signed policies to protect Windows Defender Application Control against tampering](use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md)
|
||||
#### [Signing WDAC policies with SignTool.exe](signing-policies-with-signtool.md)
|
||||
### [Disable WDAC policies](disable-windows-defender-application-control-policies.md)
|
||||
### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md)
|
||||
|
||||
## [AppLocker](applocker\applocker-overview.md)
|
||||
### [Administer AppLocker](applocker\administer-applocker.md)
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Audit Windows Defender Application Control policies
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Create a Windows Defender Application Control policy from a reference computer
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Disable Windows Defender Application Control policies
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Enforce Windows Defender Application Control policies
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Manage packaged apps with Windows Defender Application Control
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Merge Windows Defender Application Control policies
|
||||
|
||||
@ -6,7 +6,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Microsoft recommended block rules
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Use code signing to simplify application control for classic Windows applications
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Use signed policies to protect Windows Defender Application Control against tampering
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules
|
||||
|
||||
@ -6,7 +6,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Planning and getting started on the Windows Defender Application Control deployment process
|
||||
|
||||
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 02/27/2018
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Windows Defender Application Control
|
||||
|
||||
@ -0,0 +1,22 @@
|
||||
---
|
||||
title: Windows Defender Device Guard and AppLocker (Windows 10)
|
||||
description: Explains how
|
||||
keywords: virtualization, security, malware
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: high
|
||||
author: jsuther1974
|
||||
ms.date: 05/03/2018
|
||||
---
|
||||
|
||||
# Windows Defender Device Guard with AppLocker
|
||||
|
||||
Although [AppLocker](applocker/applocker-overview.md) is not considered a new Windows Defender Device Guard feature, it complements Windows Defender Device Guard functionality when Windows Defender Application Control (WDAC) cannot be fully implemented or its functionality does not cover every desired scenario.
|
||||
There are many scenarios in which WDAC would be used alongside AppLocker rules.
|
||||
As a best practice, you should enforce WDAC at the most restrictive level possible for your organization, and then you can use AppLocker to fine-tune the restrictions to an even lower level.
|
||||
|
||||
> [!NOTE]
|
||||
> One example of how Windows Defender Device Guard functionality can be enhanced by AppLocker is when you want to apply different policies for different users on the same device. For example, you may allow your IT support personnel to run additional apps that you do not allow for your end-users. You can accomplish this user-specific enforcement by using an AppLocker rule.
|
||||
|
||||
AppLocker and Windows Defender Device Guard should run side-by-side in your organization, which offers the best of both security features at the same time and provides the most comprehensive security to as many devices as possible.
|
||||
In addition to these features, we recommend that you continue to maintain an enterprise antivirus solution for a well-rounded enterprise security portfolio.
|
||||
Loading…
x
Reference in New Issue
Block a user