Security Controls Evaluation Guide


Application Limits and Access Times


Apply a policy to control the number of application instances a user can run, along with the times when it can run. You can create a policy to control or enforce licensing models by controlling application limits on a per user basis.

Try it yourself

Limiting a process to x number of instances

1.Create a new Application Control Configuration.

2.Navigate to Rule Sets > Group.

3.In the Everyone group > Add a file in the Allowed tab.

4.In File enter Notepad.exe.

5.Select the Application Limits tab

6.Select Enable application limits and set the number of instances to 1.

7.Select Add.

8.Save and deploy the configuration to the endpoint.

Test it

1.When a user logs on and runs notepad.exe the first instance will run as expected.

2.Now try and run a 2nd instance of notepad, access will be blocked because it exceeds the number of instances allowed to run. Note this is on a per user basis and not per machine.

Applying Access Times

Using the example above, we are going to add some more granular control over the allowed use of notepad.

1.Select the Access Times tab.

2.Select Only allow files to run at certain times.

3.Now click on the day and time that you want to allow access from and drag down to the end time, repeat this process until you have selected all allowed access periods. For example, you may only want to allow users between core working hours; 8am - 5pm Monday through to Friday. Users will be unable to run notepad outside of the times on the days, as specified.

Your next steps

Denied Items

Why use Executable Control?

Was this article useful?