One of the hidden gems of Windows 7 from a security standpoint is AppLocker: a great tool that gives more control back to IT administrators and helps eliminate unknown and unwanted software in your environment. The quick and easy way to get to know AppLocker is to configure a local security policy on a computer and use the built-in wizards to understand the capabilities. It’s easy using the GUI tools to create whitelists from the digital signatures of the applications you want to allow on your computer.
As you get more familiar with AppLocker and how to create rules, you’ll come to understand how easy the GUI makes it for a single computer; however, you’ll start to question your sanity if you tried to build even a hundred rules through the GUI. Yes, you can “Automatically Generate Rules…” through the GUI tools; however, creating a single reference machine with all of the software that is installed across all of the desktop computers in your environment is, at best, impractical; at worst, it is impossible!
That’s where AppLocker PowerShell cmdlets come in. These cmdlets allow you to script the core functions that you really need to manage AppLocker through PowerShell scripts on a large scale across hundreds, thousands, or even tens of thousands of desktops. The in-box cmdlets provide the fundamental building blocks to help you build a more automated, streamlined end-to-end management experience for AppLocker rules.
To get started using these cmdlets, open an elevate PowerShell session, import the AppLocker module, and start exploring!
