Scribd Logo
Upload

Welcome to Scribd!

  • 25 views

    8 BlockExecutable

    Uploaded by

    Dan Nguyen The
    Endpoint Central allows IT admins to block executables from running on managed computers to restrict unauthorized software usage. This can be done by creating block executable policies that specify the file path or hash of the executable to block. Policies can be applied to all computers or specific groups, and work by restricting executables at the operating system level. IT admins must ensure local group policy and security policies are configured correctly on target machines for block executable policies to take effect.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    8 BlockExecutable

    Uploaded by

    Dan Nguyen The
    25 views11 pages
    Endpoint Central allows IT admins to block executables from running on managed computers to restrict unauthorized software usage. This can be done by creating block executable policies that specify the file path or hash of the executable to block. Policies can be applied to all computers or specific groups, and work by restricting executables at the operating system level. IT admins must ensure local group policy and security policies are configured correctly on target machines for block executable policies to take effect.

    Original Title

    8.BlockExecutable

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Endpoint Central allows IT admins to block executables from running on managed computers to restrict unauthorized software usage. This can be done by creating block executable policies that specify the file path or hash of the executable to block. Policies can be applied to all computers or specific groups, and work by restricting executables at the operating system level. IT admins must ensure local group policy and security policies are configured correctly on target machines for block executable policies to take effect.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    25 views11 pages

    8 BlockExecutable

    Uploaded by

    Dan Nguyen The
    Endpoint Central allows IT admins to block executables from running on managed computers to restrict unauthorized software usage. This can be done by creating block executable policies that specify the file path or hash of the executable to block. Policies can be applied to all computers or specific groups, and work by restricting executables at the operating system level. IT admins must ensure local group policy and security policies are configured correctly on target machines for block executable policies to take effect.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    You are on page 1of 11

    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Products Store Partners Affiliate Support |

    Overview Resources Demo Get Quote Support Free Trial

    Home » Block Executable Search..

    On-Premises Cloud

    Introduction
    Block Executable
    Set up Endpoint Central

    Working with Endpoint Central


    Table of Contents
    Threats & Patches What is Block Executable

    Asset Management Create/Remove Policy


    Inventory
    Block Executable for All Computers
    Software Asset Management
    Block Executable for Specific Computers
    Software Metering
    Software License Management Troubleshooting Tips
    Prohibit Software
    Block Executable
    Software Category IT admins always handle a lots of software and applications for their IT. With a lot of applications to
    Software Grouping handle, IT admins will have the need to restrict the usage of certain applications, IT admins can
    Inventory Reports leverage the Block Executable capability of Endpoint Central.
    Application Management & Control
    Remote Troubleshoot What is Block Executable
    Configurations & Profiles
    OS Imaging and Deployment Block Executable is the capability using which IT admins can restrict the initialization and working of an
    Reports executable. This blocks the running of exe which are launched without installation on the network. All
    Conditional Access the file formats supported under Windows "Software Restriction Policy" can be blocked using
    Certificate Management Endpoint Central. If in case, a software is to be prohibited from your network, prohibited software can
    Content Management be configured to achieve the same. 
    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 1/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Geo-fencing Block an Executable Products Store Partners Affiliate Support |


    OS Update Management
    Using Path Rule
    Overview Resources Demo Get Quote Support Free Trial
    Using Hash Rule

    Check these pre-requisites to deploy a block executable rule

    Local Group Policy should be enabled on the target machine


    Default security Policy should be set as "Unrestricted"
    Local Group Policy should be enabled for Administrator

    Click here to watch the video:

    Block Executable

    Creating and Removing a Policy


    To create a Block Executable rule, navigate to Inventory > Block Executable > Add Policy.
    Add Custom Group(s) to which this rule is to be applied.
    Next, add the executable that needs to be blocked using either a Path Rule or Hash Rule 
    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 2/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    To remove a rule, navigate to Inventory > Block Executable and select the policies you wish to remove
    Products Store Partners Affiliate Support |
    and click the "Remove Policy" button.
    Overview Resources Demo Get Quote Support Free Trial
    Block using Path Rule
    IT admins can block an executable using the Path Rule when the targeted file name/path name remains
    static. Path Rule works on the logic of filename and it's extensions. Rename or relocation of the file will
    lead to failure of execution of the rule applied. This rule can be used to block applications even if they
    are not available in your network. Using path rule, IT administrators can block the executables located
    inside the given value.

    Block using Hash Value


    Hash is a unique value, that represents the executable.To use this method, IT admins should compute
    the Hash value for the targeted application and add it to the rule to block that executable. If you want to
    block an executable that is greater than 200 MB in size, use the below attached code snippet

    Windows commands

    File length
    (Get-Item FILE_LOCATION).Length

    File Hash MD5


    (Get-FileHash -Algorithm MD5 FILE_LOCATION)

    File Hash SHA256


    (Get-FileHash -Algorithm SHA256 FILE_LOCATION)

    Mac command

    File Size
    wc - c FILE_LOCATION 
    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 3/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    File Hash MD5


    Products Store Partners Affiliate Support |
    md5 FILE_LOCATION

    File Hash SHA256


    Overview Resources Demo Get Quote Support Free Trial
    shasum -a 256 FILE_LOCATION

    Linux command

    File Size
    wc - c FILE_LOCATION

    File Hash MD5


    md5sum FILE_LOCATION

    File Hash SHA256


    sha256sum FILE_LOCATION

    Block Executable for All Computers


    Endpoint Central by default has a custom group named "All Computers Group", which contains all the
    managed computers. If you want to block an executable for all the managed computers, then you can
    choose the default Custom Group and select the executable, which needs to be blocked. If you want to
    block the executable for a selected target, follow the below method.

    Block Executable for Specific Computers


    To block an executable for specific target, create a new custom group or use the existing custom
    groups. Custom groups can be of any type such as, unique or static or dynamic. You can block
    executable by choosing custom group which contains computers.

    Block executable does not support blocking executable which are initiated by the system.

    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 4/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Troubleshooting Tips: Products Store Partners Affiliate Support |

    How to enable Local Group Policy on the target machine? Overview Resources Demo Get Quote Support Free Trial
    Perform the following actions manually on the target computer:
    Go to Run

    Type gpedit.msc

    Click Group Policy

    Click on "Turn Off Local Group Policy Objects Processing" as shown below.


    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 5/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Ensure that you have chosen "Not Configured" as shown in the below image. Products Store Partners Affiliate Support |

    Overview Resources Demo Get Quote Support Free Trial

    You have now enabled Local Group Policy on the target machine.
    How to enable Local Group Policy on the target computer?

    Perform the following actions manually on the target computer:


    Go to Run

    Type gpedit.msc 
    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 6/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Right Click on "Local Computer Policy", Choose Properties to ensure that "Disable
    Products Store Partners Affiliate Support |
    Computer Configuration Settings" is not selected.
    Overview Resources Demo Get Quote Support Free Trial

    You have now enabled Local Group Policy on the target computer.
    How to set the Default security Policy as "Unrestricted"
    Perform the following actions on the target computer:
    Go to Run

    Type gpedit.msc


    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 7/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Click "Security Levels" and double click "Unrestricted" as shown below


    Products Store Partners Affiliate Support |

    Overview Resources Demo Get Quote Support Free Trial

    Ensure that the status is set as "Default" as mentioned in the image below.


    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 8/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Products Store Partners Affiliate Support |

    Overview Resources Demo Get Quote Support Free Trial

    You have now enabled Local Group Policy on the target computer.
    How to enable Local Group Policy for the Administrator?
    Perform the following actions on the target computer:
    Go to Run

    Type gpedit.msc

    Click "Software Restriction Policy"


    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 9/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    Double click "Enforcement" to ensure that "All Users" is selected as shown in the image Products Store Partners Affiliate Support |
    below
    Overview Resources Demo Get Quote Support Free Trial

    You have now enabled Local Group Policy for Administrators.

    Was this article helpful?

    Yes No


    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 10/11
    9/18/23, 8:29 PM Block Executable | ManageEngine Endpoint Central

    © 2023 Zoho Corporation Pvt. Ltd. All rights reserved. Products Store Partners Affiliate Support |

    Overview Resources Demo Get Quote Support Free Trial


    https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html 11/11

    You might also like