Home » 
Applicable For Endpoint Central MSP 
 
 

Policy Deployment

Table of contents

Associating Application Groups

Users with similar roles often need similar apps. You can assign applications to individual users based on their requirements, or create custom groups of users with specific application allowlists to satisfy their needs using relevant policies. Endpoint Central's application allowlisting feature lets you associate multiple allowlists with a custom group and vice versa.

How to associate applications with custom groups?

  • Log in to the Endpoint Central web console with administrative privileges and navigate to App Ctrl -> Application Groups to create an Allowlist or Blocklist. To know more about the creation of application groups, refer to this page.
  • Under Deployment, go to Deploy Policy and create a custom group or select an already existing custom group.
  • Select the already existing application group that needs to be associated with the custom group.
  • If required, enable the option to Associate Privileged Application List.
  • Select the required option to run the applications either on Audit mode or Strict mode.
  • While running in Strict mode, the unmanaged applications can be requested if the option is enabled.
  • Enable Custom notifications and Alert messages according to your preference.
  • Click Deploy or Deploy immediately.

    Associate App Group

You have successfully associated applications with custom groups in Endpoint Central. This simplifies management, access control, and reporting. You can now define policies, permissions, and restrictions at the group level, providing granular control over the applications used within your organization.

Flexibility Regulator

Different enterprises have diverse application control needs. Traditional application control solutions might not satisfy the needs of all the enterprises alike. Endpoint Central offers various modes to satisfy various levels of flexibility preferred by different enterprises, including:

Audit Mode

Enterprise IT admins that have just begun their application control process can leverage Audit Mode to get a clear picture of how they should build their application control framework. In the beginning as the admin might not know what applications users in their organization need, the best option is to enable high flexibility functioning.

All allowlisted and unmanaged applications will run in this mode. Event collection is enabled to help admins identify apps to add to the allowlist, depending on the frequency and legitimacy of their use.

Audit Mode

Strict Mode

Strict Mode enforces a zero-trust security model. By choosing this mode, the unmanaged applications will be blocked. Only applications that are a part of the allowlist can execute. In case the user tries to access an unmanaged application, they will be immediately notified that the use of this particular application is prohibited.

Strict Mode

Note: Blocklisted applications will not function in any endpoints in any of the above modes, ensuring enhanced security for organizations that utilize various applications for different business functions.

Alert settings

A custom alert can be configured to be shown when the end-user tries to open a blocked application.

Alert Settings

If you have any further questions, please refer to our Frequently Asked Questions section for more information.