How to configure Smart App Control in Windows 11 with JumpCloud?
Hey there...
Last week I wrote about the configuration of Attack Surface Reduction (ASR) on Windows, this week I'm writing about another (and new) security feature of Windows 11 (Build 22567): Smart App Control
What is Smart App Control?
In short: Smart App Control is a system-level feature that can help to protect your Windows 11 PC by blocking malicious and untrusted apps.
"Windows 11 Smart App Control adds significant protection from new and emerging threats?by blocking?apps that are malicious or untrusted. The feature will block what Microsoft calls “potentially unwanted apps” (PUA), which are apps that may cause a device to run slowly,?display unwanted ads, or do other things you don’t expect on your PC
Smart App Control works alongside other security software, such as Microsoft Defender and even non-Microsoft antivirus tools. But it’s not a replacement for these features." Source
Important note:
Smart App Control starts in?evaluation mode. This is a period during which Windows tries to determine if you're a good candidate for Smart App Control. If you are a good candidate for Smart App Control, then it will automatically be turned on. If not, it'll be turned off
Smart App Control won't block anything while it's in evaluation mode.
Once the evaluation is complete, or if you manually switch Smart App Control on or off, you won't be able to return to evaluation mode unless you?reset?or?reinstall Windows...
So, how to centrally configure it by turning on Evaluation Mode?
Simply by - in this example - using JumpCloud and configuring an Advanced: Custom Registry Keys Policy
领英推荐
The correct Registry Key to turn on the Evaluation mode is:
Windows Registry Editor Version 5.0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Policy]
"VerifiedAndReputablePolicyState"=dword:00000002
In a Custom Registry Keys Policy within JumpCloud it looks like this:
The correct Registry Key to turn on the SAC is:
Windows Registry Editor Version 5.0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Policy]
"VerifiedAndReputablePolicyState"=dword:00000001
Another important note by Microsoft itself:
Important:?Smart App Control can be used on new Windows 11 installs only. If you received it as part of a?Windows update on an already running device, you won't be able to turn it on unless you reset your PC or re-install Windows.