deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 02:13:43 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
Files
c2b51fd098d94214f07b10dd1d54c7393c7681e8
windows-itpro-docs/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
Alekhya Jupudi 200f30988f Defender App Guard Link text correction-03 
Change to Learn more about the Windows Defender Application Control feature availability
2021-09-30 11:35:44 +05:30

2.5 KiB
Raw Blame History

title, description, ms.assetid, ms.reviewer, ms.author, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, ms.localizationpriority, author, manager, audience, ms.collection, ms.topic, ms.date, ms.technology
title description ms.assetid ms.reviewer ms.author ms.prod ms.mktglfcycl ms.sitesec ms.pagetype ms.localizationpriority author manager audience ms.collection ms.topic ms.date ms.technology
Determine the Group Policy structure and rule enforcement (Windows) This overview topic describes the process to follow when you are planning to deploy AppLocker rules. f435fcbe-c7ac-4ef0-9702-729aab64163f dansimp m365-security deploy library security medium dansimp dansimp ITPro M365-security-compliance conceptual 09/21/2017 mde

Determine the Group Policy structure and rule enforcement

Applies to

  • Windows 10
  • Windows 11
  • Windows Server 2016 and above

Note

Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the Windows Defender Application Control feature availability.

This overview topic describes the process to follow when you are planning to deploy AppLocker rules.

In this section

Topic Description
Understand AppLocker enforcement settings This topic describes the AppLocker enforcement settings for rule collections.
Understand AppLocker rules and enforcement setting inheritance in Group Policy This topic for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.
Document the Group Policy structure and AppLocker rule enforcement This planning topic describes what you need to investigate, determine, and record in your application control policies plan when you use AppLocker.

When you are determining how many Group Policy Objects (GPOs) to create when you apply an AppLocker policy in your organization, you should consider the following:

  • Whether you are creating new GPOs or using existing GPOs
  • Whether you are implementing Software Restriction Policies (SRP) policies and AppLocker policies in the same GPO
  • GPO naming conventions
  • GPO size limits

Note:  There is no default limit on the number of AppLocker rules that you can create. However, in Windows Server 2008 R2, GPOs have a 2 MB size limit for performance. In subsequent versions, that limit is raised to 100 MB.