Environment

• App Control Server: All Supported Versions
• App Control Agent: All Supported Versions

Question

Answer

Low Enforcement:

• When you are not concerned about unknown files and only need to block files that you have specifically created a File Ban Rule for: use Low Enforcement. 
• Low Enforcement, by default, will enforce banned files while allowing users to install software that is either Approved or Unapproved (neither banned nor approved).
• Although unapproved files are permitted to execute, you can monitor them and respond with Emergency Lockdown if necessary.
• Low Enforcement is available to any Policy with the Mode, Control.

Local Approval:

• Local Approval is reserved for system use, and cannot be chosen directly when creating a Policy, regardless of Mode.
• This Enforcement Level instructs the Agent to issue Local Approvals of any new software (files created during local approval), even for computers otherwise under High Enforcement.
• While in Local Approval the only active Device Control settings are: Block writes to banned removable devices and Block executes from banned removable devices.

Additional Notes

• Moving an Agent into Local Approval will require a Full Suite License (Visibility and Control). Environments with only a Visibility License cannot use Local Approval.
• More details about Local Approval can be found in the User Guide chapter, "Approving and Banning Software".

Related Content