Symantec Endpoint Application Isolation offers hardening capabilities for:
- Known good applications - Includes mostly trusted applications in an enterprise environment such as browsers, office applications, and PDF viewers.
- Executables - Any other file or application beyond known good applications that are allowed to run in your environment.
- Operating System (OS)
- Components of the Windows operating system.
- The applications and OS can be hardened against undesired behaviors of file or process execution, network connections, and registry changes.
Use the following best practices for initial and on-going deployments of Symantec Endpoint Application Isolation.
The following table describes the best practices and their tasks:
- Defining goals for your Application Isolation deployment.
- Identifying the policies that you need for Application Isolation.
- Deploying a pilot rollout of Symantec Endpoint Application Isolation.
- Planned phases for deploying policies.
|Using policies with application Isolation
When to use MEN policies with Application Isolation?
|Specific deployments use cases
|Configuring settings for office Isolation use cases
|Gaining visibility into events
- Viewing isolation violations and trends
- Applications Isolation dashboard
- Using Discovered Items
- Events overview
|Event running and reporting
- How to examine Application Isolation events and tune policies.
- Typical Event view queries for specific Application Isolations violations.
- How to tune an Application Isolation process access event.
- Ho to tune an Application Isolation file detection event or registry detection event.
- How to tune a network detection event.
- Reviewing and acting on Application Isolation exception requests.
- Running Application Isolation reports.
|Troubleshooting Symantec Endpoint Application Isolation issues.
- Rule fields in isolation policies.
- Using optional modifiers in Application Isolation policies
- How to specify command-line arguments when you create rules in Application Isolation policies.
- Application Isolation global internal rules
- OS security settings in the platform Isolation policy.
- Using OS security settings harden your environment.
For an overview and quick setup steps, see Getting started with Symantec Endpoint Application Isolation.
Supported operating systems
Application Isolation is supported on Windows devices only.
- Windows 7 (64-Bit-only)
- Windows 8 (64 Bit-only)
- Windows 10 (64 Bit-only)