Enabling and testing default application rules

Application control includes default rule sets that are made up of one or more rules. Default application control rule sets are installed with the
Symantec Endpoint Protection Manager
. The default rule sets are disabled at installation. To use the default rule sets in an Application Control policy, you must enable them and apply the policy to a group of clients.
For a description of the common predefined rules, see:
In the following task you can enable and test the
Block writing to USB drives
rule set.
  1. To enable and test default application rules
  2. To enable a default application rule set, in the console, click
    Policies
    >
    Application and Device Control
    , and under
    Tasks
    , click
    Add an Application Control Policy
    .
  3. In the
    Overview
    pane, type a name and description for the policy.
  4. Click
    Application Control
    .
  5. In the
    Application Control
    pane, check the
    Enabled
    check box next to each rule set that you want to implement.
    For example, next to the
    Block writing to USB drives
    rule set, check the check box in the Enabled column.
  6. To review the rules for the rule set, select the rule, click
    Edit
    , and then click
    OK
    . See:
  7. Change
    Production
    to
    Test (log only)
    .
  8. Assign the policy to a group, and click
    OK
    .
  9. To test the rule set
    Block writing to USB drives
    , on the client computer, attach a USB drive.
  10. Open Windows Explorer and double-click the USB drive.
  11. Right-click the window and click
    New
    >
    Folder
    .
    If application control is in effect, an
    Unable to create folder
    error message appears.