Skip to main content

Restrict Applications or CLI Commands

Overview

This article explains how to block or disable specific applications or Command Line Interface (CLI) commands from running by creating an Applications denylist in the policy settings of Netwrix Endpoint Protector.

Instructions

Follow the steps below to complete this process:

  1. Create an Applications denylist from Denylists and Allowlists > Denylists > Applications.
  2. Enter the application name or CLI command you want to block.
  3. Click the Add to content button.
  4. Click the Generate button.

Screenshot showing how to add applications or CLI commands to the denylist

  1. To include the newly created Applications denylist in a content aware policy, you must select the denylist in the policy settings.
  2. Target the client machines where the policy should apply.

Screenshot showing how to include the denylist in a content aware policy and target client machines