I have a software restriction policy that prevents users from running a proxy client application that some users have downloaded. I have configured it correctly as a Path Rule but the users are renaming the file and getting around the policy. Is there another way?

Jan
29
2013

Yes there is. Instead of a Path Rule you can create a Hash rule. A hash rule takes a fingerprint of the application executable which means that no matter how many times the name of the file is changed; the rule restriction is still enforced. Jeremy discusses software restrictions in Chapter 8 got iin his book.