Users with similar roles often need similar apps. You can assign applications to individual users based on their requirements, or create custom groups of users with specific application allowlists to satisfy their needs using relevant policies. Endpoint Central's application allowlisting feature lets you associate multiple allowlists with a custom group and vice versa.
You have successfully associated applications with custom groups in Endpoint Central. This simplifies management, access control, and reporting. You can now define policies, permissions, and restrictions at the group level, providing granular control over the applications used within your organization.
Different enterprises have diverse application control needs. Traditional application control solutions might not satisfy the needs of all the enterprises alike. Endpoint Central offers various modes to satisfy various levels of flexibility preferred by different enterprises, including:
Enterprise IT admins that have just begun their application control process can leverage Audit Mode to get a clear picture of how they should build their application control framework. In the beginning as the admin might not know what applications users in their organization need, the best option is to enable high flexibility functioning.
All allowlisted and unmanaged applications will run in this mode. Event collection is enabled to help admins identify apps to add to the allowlist, depending on the frequency and legitimacy of their use.
Strict Mode enforces a zero-trust security model. By choosing this mode, the unmanaged applications will be blocked. Only applications that are a part of the allowlist can execute. In case the user tries to access an unmanaged application, they will be immediately notified that the use of this particular application is prohibited.
Note: Blocklisted applications will not function in any endpoints in any of the above modes, ensuring enhanced security for organizations that utilize various applications for different business functions.
A custom alert can be configured to be shown when the end-user tries to open a blocked application.
If you have any further questions, please refer to our Frequently Asked Questions section for more information.