AppLocker - Next Generation

deviceTRUST + Microsoft AppLocker – Application control, but the right way!

With AppLocker, Microsoft offers a way to control access to applications and files so that they can only be executed if they are configured as allowed. deviceTRUST simplifies AppLocker management enormously and extends the filter driver already included in the Microsoft operating system with valuable functionalities such as:

  • Dynamic & context-based application management for local & remote environments.
  • Allow listing for more security
  • Compliance with license terms when deploying device-based licenses via a remote platform

With deviceTRUST, we have found an optimal solution for application control, allowing us to only execute software that have been approved on our devices (application whitelisting). This security measure helps us to protect ourselves even better against malware.

Philip Kossmann
Head of IT Systems & Networks
Deutsche Steinzeug Cremer & Breuer AG

 

devicetrust_applocker

Learn how deviceTRUST extends the functionality of Microsoft AppLocker in these videos:

Vimeo

By loading the video, you agree to Vimeo's privacy policy.
Learn more

Load video

deviceTRUST + Microsoft AppLocker

Administration

This deviceTRUST and Microsoft AppLocker video shows our integration of AppLocker configuration into our console. Configuring AppLocker via GPO can be complicated and sometimes static, and may not reflect all the challenges in your work environment. This video shows how we integrated AppLocker configuration into our console, greatly simplifying it.

Vimeo

By loading the video, you agree to Vimeo's privacy policy.
Learn more

Load video

deviceTRUST + Microsoft AppLocker

Authorized Owner / Application Allowlisting

Application Allowlisting is the idea of creating a list of applications that are allowed to run on your computers or within your digital workplace and implicitly or explicitly excluding others. deviceTRUST integrates a very simple approach to create an Application Allowlisting. We call this concept "Authorized Owner". How it works, how it is configured and how it affects the user is shown in this video.

Vimeo

By loading the video, you agree to Vimeo's privacy policy.
Learn more

Load video

deviceTRUST + Microsoft AppLocker

Conditional Application Access

deviceTRUST brings the context into play - at any time and up-to-date. Based on the context information, an application can be made accessible or blocked. In this video, we show how Conditional Application Access works with deviceTRUST. This uses Microsoft AppLocker as the application control technology and deviceTRUST for dynamic configuration, which controls the rules depending on the situation.

Allow Listing with Microsoft AppLocker

With the ever-increasing incidence of malware and malicious software, organizations are forced to deploy application control solutions. Microsoft's AppLocker provides a way to control access to applications and files so that they can only run when configured as allowed. Microsoft AppLocker uses a so-called "filter driver" to control application access. This is already included, tested and documented in Microsoft operating systems. This guarantees the highest level of security, stability and performance.

Creating an Allow List using Microsoft's own administration tools (GPO) presents challenges for most organizations. The list of approved applications changes regularly in most companies and applications to be approved are not always installed in standard directories.

deviceTRUST assists with AppLocker management through several options. By integrating management into the deviceTRUST console, our customers can easily create the required Allow List in an automated and secure manner. It is also easy to respond dynamically to changes in the application landscape. Our customers can implement an Allow List that is always unique, secure and productive. Malware and malicious software can be effectively prevented from executing; the user is not given the opportunity to cause harm unintentionally or intentionally.

deviceTRUST & AppLocker: better together!

As digital workplaces become more dynamic and mobile - whether delivered via managed notebooks, through traditional remoting environments or modern DaaS offerings - access to permitted applications and files is becoming more flexible. This makes it more difficult for organizations to implement security, compliance and regulatory requirements when accessing applications and files.

In principle, Microsoft AppLocker can control access to applications and files based on the user or their group membership. However, very many scenarios require a dynamic control capability that responds to different contextual situations. With deviceTRUST, in addition to the Allow List, it is possible to define exactly which user or user group can use which applications and files in which context.

In the following blog articles, we will show in detail how Microsoft AppLocker can be managed very easily with deviceTRUST, how up-to-date and secure Allow List can be created automatically, and how context-dependent permitted applications and files are made available to users:

Microsoft AppLocker Management with deviceTRUST

All aspects of Microsoft AppLocker configuration can be configured centrally from the deviceTRUST management console.

Application Allow List with deviceTRUST

With the ever-increasing incidence of malware and malicious software, organizations are forced to deploy application control solutions.

Conditional Application Access with deviceTRUST

For security, compliance and regulatory reasons, it is often necessary that certain mission-critical applications may only be used under certain conditions.

You want to know everything about AppLocker + deviceTRUST, we will be happy to contact you.