Solved

Applocker and security (again)

Posted on 2015-02-20
2
112 Views
Last Modified: 2015-03-17
I have searched through some threads on here regarding applocker without finding what I need. Apologies if this has been covered elsewhere.

I need to provide better security at a water plant. The plant has a Win 2012 DC server, Win7 and 8.1 workstations. They use std software (Office, ACAD) and SCADA software to control the pumps and monitor wells, tanks etc.

The preferred method to secure the computers is to use whitelisting  software, which appears to mean applocker is the way to go. I don't know how to do this. Most of the workstations have domain\users added to the local administrators group. I believe this may have to be un -done for applocker to work.  

Sooo. How do I set up applocker? I searched for applocker on the DC and came up with nothing.
0
Comment
Question by:hgj1357
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 81

Accepted Solution

by:
David Johnson, CD, MVP earned 250 total points
ID: 40622595
The clients version must be enterprise or higher to use applocker.
https://technet.microsoft.com/library/hh831440.aspx

NEVER NEVER have users run as admin's .. if they need admin privileges then have then use the runas options to run as an admin.
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 40623208
" Most of the workstations have domain\users added to the local administrators group. I believe this may have to be un -done for applocker to work" - no, we can setup applocker so that it will rule admins, too. But local admins are a big risk anyway, so get rid of them if you can.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Ransome Ware Question 10 183
Penetration Testing home based work 3 100
Quick start reading for Windows sysinternals 5 79
Remote login in windows 7 8 70
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question