Endpoint Protection

 I was trying to disable google chrome using symantec endpoint in my organization, I tried creating a few rules for the same on application control policy. I was successfull in disabling firefox but was unable to do the same with chrome. I then found out that when I try installing chrome with an admin account,  chrome gets installed on the following path "C:\Program Files\Google\Chrome\Application\chrome.exe". And when I try to do the same with a regular user login it gets installed on his profile i.e. "C:\Users\test1\AppData\Local\Google\Chrome\Application\chrome.exe". Its easier to block chrome when its installed program files as it would difficult to create a policy to disable the same on all the user profiles in the organisation.

NEED HELP...

Hi

We can Block via ADC by the "Launch Process Attempts".

Add chrome’s process to there, Test it and rolled it out

Regards

Ajin

You can create  an application and device control policy to block chrome.exe using checksum.  does not matter when it gets installed.

check this thread for more info about how to impliment this

http://www.symantec.com/connect/forums/blocking-specific-executables-sep

I have now changed the settings under actions for the application control policy to terminate the process (chrome.exe) instead of blocking the application. It works fine now. Symantec now blocks google chrome from getting installed as well...