2.0 KiB
title, description, ms.assetid, ms.reviewer, ms.author, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, ms.localizationpriority, author, manager, audience, ms.topic, ms.date, ms.technology
| title | description | ms.assetid | ms.reviewer | ms.author | ms.prod | ms.mktglfcycl | ms.sitesec | ms.pagetype | ms.localizationpriority | author | manager | audience | ms.topic | ms.date | ms.technology |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Understanding AppLocker rule collections | This topic explains the five different types of AppLocker rules used to enforce AppLocker policies. | 03c05466-4fb3-4880-8d3c-0f6f59fc5579 | vinpa | windows-client | deploy | library | security | medium | vinaypamnani-msft | aaroncz | ITPro | conceptual | 09/21/2017 | itpro-security |
Understanding AppLocker rule collections
Applies to
- Windows 10
- Windows 11
- Windows Server 2016 and above
Note
Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the Windows Defender Application Control feature availability.
This topic explains the five different types of AppLocker rules used to enforce AppLocker policies.
An AppLocker rule collection is a set of rules that apply to one of five types:
- Executable files: .exe and .com
- Windows Installer files: .msi, mst, and .msp
- Scripts: .ps1, .bat, .cmd, .vbs, and .js
- DLLs: .dll and .ocx
- Packaged apps and packaged app installers: .appx
If you use DLL rules, a DLL allow rule has to be created for each DLL that is used by all of the allowed apps.
Important: Each app can load several DLLs, and AppLocker must check each DLL before it is allowed to run. Therefore, creating DLL rules might cause performance problems on some computers. Denying some DLLs from running can also create app compatibility problems. As a result, the DLL rule collection is not enabled by default.
For info about how to enable the DLL rule collection, see Enable the DLL rule collection.