Windows AppLocker is a new feature in Windows 7 and Windows Server 2008 R2 is an alternative to the Software Restriction Policies feature.
New with AppLocker
· Define rules based on file attributes derived from the digital signature, including the publisher, product name, file name, and file version. For example, you can create rules based on the publisher and file version attributes that are persistent through updates, or you can create rules that target a specific version of a file.
· Rule can both allow or deny access to a file/file types.
· Assign a rule to a security group or an individual user.
· Create exceptions for .exe files. For example, you can create a rule that allows all Windows processes to run except Regedit.exe.
· Use audit-only mode to identify files that would not be allowed to run if the policy were in effect.
· Applies to Windows 2008 and Windows 7 only.
**Applocker exist along with the old Software Restriction Policy.
**Publisher is a new option with Applocker which is not present in S/W Restriction policy.
AppLocker Step-by-Step Guidehttp://technet.microsoft.com/en-us/library/dd723686(WS.10).aspx