Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

How to disable Lockdown in Endpoint Application Control (EAC) 2.0

    • Updated:
    • 26 Apr 2017
    • Product/Version:
    • Endpoint Application Control 2.0
    • Platform:
    • Windows All
Summary

Learn how to disable Lockdown mode in EAC 2.0.

Details
Public

There are two methods to disable the Lockdown rule:

  • Option 1: Enable Log-only mode

    This method enables the Lockdown rule to perform assessment and reporting of blocked application incidents without preventing anything from running. Follow these steps:

    1. Log on to the EAC Management Console and go to Management > Rules page.
    2. Click the Lockdown rule to open the Edit Rule screen.
    3. In the Log-only mode, select Enabled.

      log only mode

    4. Click Saveto apply settings.

    You may choose to disable the end-user notification when a blocked application incident is triggered by the Lockdown rule. This can be done in the Policy Edit screen under User experience section.

    end user notification

  • Option 2: Remove the Lockdown Rule

    This method removes the Lockdown rule in the policy that applies it. You may choose to duplicate the policy if it involves changing some of its settings such as the the policy Name and target endpoints. Follow these steps:

    1. Log on to the EAC Management Console and go to Management > Policies page.
    2. Select the policy and click +Add Policy > Duplicate selected.

      duplicate selected

    3. In the Edit Policy screen, change the policy Name and target endpoints (Users and Endpoints). Then, remove the Lockdown rule.

      duplicate lockdown

    4. Click Save to go back to Policies page.
    5. Change the order of the poicies by moving the duplicate policy above the original.

      policy priority

    6. Wait for the duplicate policy to be deployed to target endpoint(s).

    You may either delete the duplicate policy or move it at least, below the original policy to re-enable Lockdown rule to selected endpoints.

 
Re-applying or re-enabling the Lockdown rule triggers an inventory scan. This ensures that all application changes on the device is added to the local inventory scan database before locking down the endpoint.
Premium
Internal
Rating:
Category:
Configure
Solution Id:
1117252
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.