Windows7 is the next version of Windows operating system by Microsoft and it is coming with a number of improvements over the previous versions of Windows operating system. Windows7 is more secure, stable as compare to previous version of Windows specially Windows Vista. From today i am starting a series of articles describing Windows7 features. I am going to cover one feature every day.
AppLocker
Windows7 comes with a new feature called AppLocker. We already heard about the BitLocker in Windows vista. AppLocker comes with Windows7 and Windows Server 2008 R2. AppLocker contains new capabilities and extensions that reduce administrative overhead and help administrators control how users can access and use files, such as .exe files, scripts, Windows Installer files (.msi and .msp files), and DLLs.
With AppLocker What You Can Do ?
Administrators can define rules based on file attributes derived from the digital signature, including the publisher, product name, file name, and file version. AppLocker rules specify which files are allowed to run, files that are not included in AppLocker rules are not allowed to run. AppLocker also allows administrators to enforce AppLocker rules of Group or on individual users. AppLocker can be used with .exe files also, administrators can create exceptions to allows Administrator can also create exceptions for .exe files for example an administrator many allows users to run all windows processes expect regedit.exe.
Who will be interested in this feature?
AppLocker is very useful for those want to manage computers running in shared or inside organizations. AppLocker can be used to limit the number and type of files that are allowed to run by preventing unlicensed or malicious software from running and by restricting the ActiveX controls that are installed. AppLocker can greatly reduces the risk of information leaks via unauthorized softwares.
AppLocker considerations
AppLocker can not be used to manage computers running earlier versions of Windows operating system. There is minimal performance degradation because of the runtime checks. By default, AppLocker rules do not allow users to open or run any files that are not specifically allowed. Administrators should maintain an up-to-date list of allowed applications.
