Denied Items

Generate a list of items that are to be denied execution.

You do not need to use this list to deny applications that are not owned by an administrator because they are blocked by Trusted Ownership checking.

You can deny the following rule items:

  • File
  • Folder
  • Drive
  • File hash
  • Collection

For further details on each of the denied rule items please see the Ivanti Security Controls Help.

Try it yourself

  1. In the Application Control Configuration Editor navigate to Rule Sets > Group > Everyone > Executable Control.
  2. In the right-hand work area, select the Denied tab, right-click and select File.
  3. In the Add a File dialog, in File enter the name of a file.
  4. Click Add to add the item to the Denied list.
  5. Save and deploy the configuration.

Test it

Try and run the file added, you will be denied access.

Your next step

Allowed Items

Why use Executable Control?