Symantec Endpoint Application Isolation offers hardening capabilities for:
- Known good applications - Includes mostly trusted applications in an enterprise environment such as browsers, office applications, and PDF viewers.
- Executables - Any other file or application beyond known good applications that are allowed to run in your environment.
- Operating System (OS)
- Components of the Windows operating system.
- The applications and OS can be hardened against undesired behaviors of file or process execution, network connections, and registry changes.
Use the following best practices for initial and on-going deployments of Symantec Endpoint Application Isolation.
The following table describes the best practices and their tasks:
Best Practices |
Tasks |
Deployment |
- Defining goals for your Application Isolation deployment.
- Identifying the policies that you need for Application Isolation.
- Deploying a pilot rollout of Symantec Endpoint Application Isolation.
- Planned phases for deploying policies.
|
Using policies with application Isolation |
When to use MEN policies with Application Isolation?
|
Specific deployments use cases |
Configuring settings for office Isolation use cases |
Gaining visibility into events |
- Viewing isolation violations and trends
- Applications Isolation dashboard
- Using Discovered Items
- Events overview
|
Event running and reporting |
- How to examine Application Isolation events and tune policies.
- Typical Event view queries for specific Application Isolations violations.
- How to tune an Application Isolation process access event.
- Ho to tune an Application Isolation file detection event or registry detection event.
- How to tune a network detection event.
- Reviewing and acting on Application Isolation exception requests.
- Running Application Isolation reports.
|
Agent FAQ |
Troubleshooting Symantec Endpoint Application Isolation issues. |
Policy reference |
- Rule fields in isolation policies.
- Using optional modifiers in Application Isolation policies
- How to specify command-line arguments when you create rules in Application Isolation policies.
- Application Isolation global internal rules
- OS security settings in the platform Isolation policy.
- Using OS security settings harden your environment.
|
For an overview and quick setup steps, see Getting started with Symantec Endpoint Application Isolation.
Supported operating systems
Application Isolation is supported on Windows devices only.
- Windows 7 (64-Bit-only)
- Windows 8 (64 Bit-only)
- Windows 10 (64 Bit-only)