SCCM EndPoint

Is there any way to block applications to run on client computers with SCCM EndPoint protection? what are the steps?
A AAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BembiCEOCommented:
Not by SCCM as I now but via registry and / or GPO's...

to block defined applications
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
RegDWord DisallowRun=1
The create a subfolder DisallowRun
the add string values...
1=Notepad.exe
2=SomethingElse.exe

or
to allow only defined applications
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
RegDWord RestrictedRun=1
The create a subfolder RestrictedRun
the add string values...
1=Notepad.exe
2=SomethingElse.exe

Also have a look at the GPOs
User Configuration - Policies - Administrative Templates - System
--> Don't run specific Windows applications...
--> Run only  specific Windows applications...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
A AAuthor Commented:
Thank you. Is there a way to do this in SCCM Endpoint Protection?
BembiCEOCommented:
What I see is, that there are not settings in endpoint protection to include additional files into the scan.
This would be the precondition that Endpoint Protection would be able to block additional files (beside what is defined in the signature files).
So, if there are no settings, there is also nothing what can be setup via SCCM.
SCCM only distributes the SCEPInstall.exe file to the clients and add / changes registry keys defined via the SCCM policies, which are stored in the local HKLM\Software\Policies\Microsoft Antimalware hive.

In my mind, it doesn't really make sense as it is already a build in functionality of the OS.
A AAuthor Commented:
Thank you so much
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SCCM

From novice to tech pro — start learning today.