Скачать с ютуб How to block application using Application and Device Control Symantec endpoint with MD5 hash в хорошем качестве

How to block application using Application and Device Control Symantec endpoint with MD5 hash

---------ITRecordAZ--------- How to block application using Application and Device Control Symantec endpoint with MD5 hash Keyword: The most common method for blocking unauthorized software is to block the primary program executable. To ensure that the correct file is blocked, Symantec recommends that you calculate an MD5 hash of the file. Symantec can block application include peer-to-peer (P2P) applications, media players, instant messengers, image burning software, games, proxies, and other programs as games. ---------- Lab using server SEPM server 2016 with IP external 192.168.1.48 IP internal 192.168.2.48 for connect to local domain controller. Client windows 10 -- will block procexp.exe Step by step: 1. Generate an MD5 hash Use one of the following methods to generate an MD5 hash: Use the checksum.exe utility Use Microsoft’s free File Checksum Integrity Verifier. Use the Get-FileHash command from within Windows PowerShell. Use online md5 check tool 2. Create a rule In Symantec Endpoint Protection Manager (SEPM), click Policies. Click Application and Device Control. Create a new Application and Device Control policy, or use an existing policy. Click your selected policy to edit it. Click Application Control. Click Add. Next to Apply this rule to the following processes, click Add. In the Process name to match field, type an asterisk (*). Click OK. Under Rules in the bottom left, click Add. Click Add Condition. Click Launch Process Attempts. Next to Apply to the following processes, click Add. In the lower right, click Options. Select Match the file fingerprint. Copy the MD5 hash into the field for the fingerprint. Click OK. Click the Actions tab. Decide if you want to block the file when it runs, or log it. Log: Choose "Continue processing other rules” and check "Enable logging.” There are 16 levels of logging, but "Critical - 0" is usually sufficient. Block: Choose "Block Access.” You can enable logging under this option as well. Notification: Check "Notify User" to notify the user by pop-up message that the software is unauthorized. Click OK. Ensure that the new rule is enabled and is set for production (test only logs) when you are ready to use it. Click OK. Click Yes to assign the policy. Check any client group to which the policy should apply. Click OK.