Aug 07 2020 01:06 AM
Hi,
Consider I've tested Application Control in either audit or enforce mode (setting from Endpoint Manager/Endpoint Protection/AC). Everything seems to work fine except a few LOB-applications.
Questions:
How do I exclude these LOB-applications from Application Control?
I think I've read about that you need to combine Application Control with Applocker for exclusions is that true? If that's the case where can I find documentation on how to setup exclusions?
If that's true - does the exclusions need to be managed by GPO or can it be managed via MDM only? (AAD Join only)
Aug 07 2020 01:49 AM
In MEMCM you have this capability, but what if I'm having an environment where a CM is not present? Would be fantastic to be able to add custom LOB-apps as exclusions this way but in Intune but maybe that's considered a security or non-issue?