Users with the same role generally require similar applications. You can assign applications to individual users based on their requirements, or create custom groups of users and associate those groups with application allowlists specifically built to satisfy their needs using relevant policies. Application Control Plus' application allowlisting feature allows you to associate multiple application allowlists with the same custom group, and vice versa.
You have successfully associated applications with custom groups. By associating applications with custom groups in Endpoint Central, you can create logical groupings that allow for easier management, access control, and reporting. This association enables you to define policies, permissions, and restrictions at the group level, providing granular control over the applications used within your organization.
Every enterprise, regardless of size, has different application control requirements. Traditional application control solutions might not satisfy the needs of all the enterprises alike. ManageEngine Endpoint Central's Application Control is a smart solution that can meet the demands of different kinds of enterprises of all sizes. Application Control functions in several modes, each built to satisfy various levels of flexibility preferred by different enterprises. The different application control modes available are:
Enterprise IT admins that have just begun their application control process can leverage this mode to get a clear picture of how they should build their application control framework. In the beginning, the admin might not know what applications users in their organization need; in this instance, the best option is to enable high flexibility mode.
All applications present in the allowlist and the unmanaged applications will be allowed to run smoothly in this mode, and event collection will be enabled. The admin can monitor events for as long as needed as a reference to know when to shift applications from the unmanaged application list to the allowlist, depending on the frequency and legitimacy of their use.
This is a strict enforcement mode. By choosing this mode, none of the unmanaged applications will be accessible to the user. Only applications that are a part of the allowlist can be used. In case the user tries to access an unmanaged application, they'll immediately be notified that the use of this particular application is prohibited.
Note: Blocklisted applications will not function in any endpoints in any of the above modes, ensuring enhanced security for organizations that utilize various applications for different business functions.
A custom alert can be configured to be shown when the end-user tries to open a blocked application.
If you have any further questions, please refer to our Frequently Asked Questions section for more information.