How to disable Lockdown in Endpoint Application Control (EAC) 2.0

There are two methods to disable the Lockdown rule:

• Option 1: Enable Log-only mode

  This method enables the Lockdown rule to perform assessment and reporting of blocked application incidents without preventing anything from running. Follow these steps:

  1. Log on to the EAC Management Console and go to Management > Rules page.
  2. Click the Lockdown rule to open the Edit Rule screen.
  3. In the Log-only mode, select Enabled.

     

  4. Click Saveto apply settings.

  You may choose to disable the end-user notification when a blocked application incident is triggered by the Lockdown rule. This can be done in the Policy Edit screen under User experience section.

  

• Option 2: Remove the Lockdown Rule

  This method removes the Lockdown rule in the policy that applies it. You may choose to duplicate the policy if it involves changing some of its settings such as the the policy Name and target endpoints. Follow these steps:

  1. Log on to the EAC Management Console and go to Management > Policies page.
  2. Select the policy and click +Add Policy > Duplicate selected.

     

  3. In the Edit Policy screen, change the policy Name and target endpoints (Users and Endpoints). Then, remove the Lockdown rule.

     

  4. Click Save to go back to Policies page.
  5. Change the order of the poicies by moving the duplicate policy above the original.

     

  6. Wait for the duplicate policy to be deployed to target endpoint(s).

  You may either delete the duplicate policy or move it at least, below the original policy to re-enable Lockdown rule to selected endpoints.