For download

Jun 30, 2009 10:07 GMT  ·  By

Microsoft has published and made available for download technical documentation designed to deliver an insight into one of the new features of the next iteration of Windows client and server operating systems. AppLocker Technical Documentation for Windows 7 and Windows Server 2008 R2 is now live on the Microsoft Download Center and up for grabs for administrators interested in controlling the applications that users are able to install and run in their environments.

“AppLocker is a new feature in Windows 7 and Windows Server 2008 R2 that replaces the Software Restriction Policies feature. AppLocker contains new capabilities and extensions that reduce administrative overhead and help administrators control how users can access and use files, such as executable files, scripts, Windows Installer files, and DLLs,” Microsoft revealed.

As far as the successor of Windows Vista is concerned, only the Enterprise and Ultimate editions of Windows 7 sport AppLocker. Via this feature, admins will be able to allow only certain applications to run, in accordance with the guidelines of a given organization. But the level of control goes even further. AppLocker can restrict the process of running licensed apps only to specific users. At the same time, the feature is capable of monitoring and producing an audit log with all applications run in an environment. And last but not least, AppLocker can also serve to block users with standard privileges from installing programs.

“Software Restriction Policies (SRP) were originally designed in Windows XP and Windows Server 2003 to help IT professionals limit the number of applications that would require administrator access. With the introduction of User Account Control (UAC) and the emphasis of standard user accounts in Windows Vista, fewer applications today require administrator privileges. As a result, AppLocker was introduced to expand the goals of the original SRP by allowing IT administrators to create a comprehensive list of applications that should be allowed to run,” Microsoft added.