I’m working on a bunch of articles and reviews for eWeek about application whitelisting. I’ve got my ideas about when it is appropriate and when it isn’t. When it is, when users don’t suffer because their workstations are locked down, then it is great. When it isn’t, then users will hate you for ruining their PC.
I decided that as a baseline I should find out what Microsoft gives away for free with Server 2008 and Windows 7. I can use AppLocker and Active Directory/Group Policy Objects to set up whitelisting rules for my testbed.
I found some good resources:
Microsoft TechNet AppLocker Step-by-Step Guide
And an OK planning guide.