deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

added exce rule

Browse Source
This commit is contained in:
Justin Hall 2018-06-28 10:40:20 -07:00
parent bf33052469
commit 498e2267c3
4 changed files with 37 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
View File

@ -198,7 +198,7 @@ Path Publisher
Where `O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US` is the **Publisher** name and `WORDPAD.EXE` is the **File** name.
### Import a list of apps
For this example, were going to add an AppLocker XML file to the **Protected apps** list. Youll use this option if you want to add multiple apps at the same time. For more info about AppLocker, see the [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview) content.
For this example, were going to add an AppLocker XML file to the **Protected apps** list. Youll use this option if you want to add multiple apps at the same time. The first example shows how to create a Packaged App rule for Store apps. The second example shows how to create an Executable rule by using a path for unsigned apps. For more info about AppLocker, see the [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview) content.
**To create a list of protected apps using the AppLocker tool**
1. Open the Local Security Policy snap-in (SecPol.msc).
@ -273,6 +273,39 @@ For this example, were going to add an AppLocker XML file to the **Protected
12. After youve created your XML file, you need to import it by using Microsoft Intune.
**To create an Executable rule and xml file for unsigned apps**
1. Open the Local Security Policy snap-in (SecPol.msc).
2. In the left pane, click **Application Control Policies** > **AppLocker** > **Executable Rules**.
3. Right-click **Executable Rules** > **Create New Rule**.
![Local security snap-in, showing the Executable Rules](images/create-new-path-rule.png)
4. On the **Before You Begin** page, click **Next**.
5. On the **Permissions** page, make sure the **Action** is set to **Allow** and the **User or group** is set to **Everyone**, and then click **Next**.
6. On the **Conditions** page, click **Path** and then click **Next**.
![Create Packaged app Rules wizard, showing the Publisher](images/path-condition.png)
7. Click **Browse Folders...** and select the path for the unsigned apps. For this example, were using "C:\Program Files".
![Create Packaged app Rules wizard, showing the Select applications page](images/select-path.png)
8. On the **Exceptions** page, add any exceptions and then click **Next**.
9. On the **Name** page, type a name and description for the rule and then click **Create**.
10. In the left pane, right-click **AppLocker** > **Export policy**.
11. In the **Export policy** box, browse to where the policy should be stored, give the policy a name, and then click **Save**.
The policy is saved and youll see a message that says 1 rule was exported from the policy.
12. After youve created your XML file, you need to import it by using Microsoft Intune.
**To import a list of protected apps using Microsoft Intune**
1. In **Protected apps**, click **Import apps**.

35
windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune.md
View File

@ -193,7 +193,7 @@ In this example, you'd get the following info:
Where the text, `O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US` is the publisher name to enter in the **Publisher Name** box.
### Add an AppLocker policy file
Now were going to add an AppLocker XML file to the **App Rules** list. Youll use this option if you want to add multiple apps at the same time. The first example shows how to create a Packaged App rule for Store apps. The second example shows how to create an Executable rule by using a path for unsigned apps. For more info, see [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview).
Now were going to add an AppLocker XML file to the **App Rules** list. Youll use this option if you want to add multiple apps at the same time. For more info, see [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview).
**To create a Packaged App rule rule and xml file**
1. Open the Local Security Policy snap-in (SecPol.msc).
@ -260,39 +260,6 @@ Now were going to add an AppLocker XML file to the **App Rules** list. You
```
12. After youve created your XML file, you need to import it by using Microsoft Intune.
**To create an Executable rule and xml file for unsigned apps**
1. Open the Local Security Policy snap-in (SecPol.msc).
2. In the left pane, click **Application Control Policies** > **AppLocker** > **Executable Rules**.
3. Right-click **Executable Rules** > **Create New Rule**.
![Local security snap-in, showing the Executable Rules](images/create-new-path-rule.png)
4. On the **Before You Begin** page, click **Next**.
5. On the **Permissions** page, make sure the **Action** is set to **Allow** and the **User or group** is set to **Everyone**, and then click **Next**.
6. On the **Conditions** page, click **Path** and then click **Next**.
![Create Packaged app Rules wizard, showing the Publisher](images/path-condition.png)
7. Click **Browse Folders...** and select the path for the unsigned apps. For this example, were using "C:\Program Files".
![Create Packaged app Rules wizard, showing the Select applications page](images/select-path.png)
8. On the **Exceptions** page, add any exceptions and then click **Next**.
9. On the **Name** page, type a name and description for the rule and then click **Create**.
10. In the left pane, right-click **AppLocker** > **Export policy**.
11. In the **Export policy** box, browse to where the policy should be stored, give the policy a name, and then click **Save**.
The policy is saved and youll see a message that says 1 rule was exported from the policy.
12. After youve created your XML file, you need to import it by using Microsoft Intune.
**To import your Applocker policy file app rule using Microsoft Intune**
1. From the **App Rules** area, click **Add**.

BIN
windows/security/information-protection/windows-information-protection/images/path-condition.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 35 KiB

4
windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
View File

@ -1,5 +1,5 @@
---
title: Introduction to Windows Defender Device Guard - virtualization-based security and code integrity policies (Windows 10)
title: Windows Defender Device Guard - virtualization-based security and code integrity policies (Windows 10)
description: Microsoft Windows Defender Device Guard is a feature set that consists of both hardware and software system integrity hardening features that revolutionize the Windows operating systems security.
keywords: virtualization, security, malware
ms.prod: w10
@ -9,7 +9,7 @@ author: mdsakibMSFT
ms.date: 04/19/2018
---
# Introduction to Windows Defender Device Guard: virtualization-based security and Windows Defender Application Control
# Windows Defender Device Guard: virtualization-based security and Windows Defender Application Control
**Applies to**
- Windows 10