Blocking a process from starting on client computers

The FTP client is a common way to transfer files from a server to a client computer. To prevent users from transferring files, you can add a rule that blocks a user from launching an FTP client from the command prompt.
  1. To block a process from starting on client computers
  2. To add a rule that blocks a process from starting on the client computer, open an Application Control policy, and on the
    Application Control
    pane, click
    Add
    .
  3. In the
    Application Control Rule Set
    dialog box, in the
    Rules
    list, select a rule, and on the
    Properties
    tab, in the
    Rule name
    text box, type
    ftp_ blocked_from_cmd
    .
  4. To the right of
    Apply this rule to the following processes
    , click
    Add
    .
  5. In the
    Add Process Definition
    dialog box, under
    Processes name to match
    , type
    cmd.exe
    , and then click
    OK
    .
  6. In the
    Application Control Rule Set
    dialog box, under the
    Rules
    list, click
    Add Condition > Launch Process Attempts
    .
  7. On the
    Properties
    tab, in the
    Description
    text box, type
    no ftp from cmd
    .
  8. To the right of
    Apply this rule to the following processes
    , click
    Add
    .
  9. In the
    Add Process Definition
    dialog box, under
    Processes name to match
    , type
    ftp.exe
    , and then click
    OK
    .
  10. In the
    Application Control Rule Set
    dialog box, on the
    Actions
    tab, click
    Block access
    ,
    Enable logging
    , and
    Notify user
    .
  11. Under
    Notify user
    , type
    ftp is blocked if launched from the cmd
    .
  12. Click
    OK
    twice, and assign the policy to a group.
    Test the rule.
  13. To test a rule that blocks a process from starting on the client computer, on the client computer, open a command prompt.
  14. In the command prompt window, type
    ftp
    , and then press
    Enter
    .
    As the rule has specified, the FTP client does not open.