The enforcement behavior determines when enforcement occurs for applications that are already running when the policy is applied. Choose from the following options:
Ignore: Do not enforce the application control behavior. For example, if the application is not allowed to execute (No Execution setting), allow the application to continue to run. Or, if the application is not allowed to access the Internet (No Internet Access setting), allow the application to continue to access the Internet.
Enforce immediately: Enforce the application control behavior immediately. For example, if the application is not allowed to execute (No Execution setting), terminate the application immediately.
With immediate enforcement, the user does not receive any warning. If you want the user to know why the application was terminated, you can use the Display message when enforcing behavior option.
Enforce after XX minutes: Enforce the application control behavior after the specified number of minutes. For example, is you set this option to 5 minutes (the default) and the application is not allowed to execute (No Execution setting), terminate the application after 5 minutes.
If the application is running when the policy is applied, a Policy Violations dialog box is displayed to inform the user that the application will be terminated after the specified number of minutes. The dialog box includes the application executable name and a countdown of the time remaining until the application is terminated. If multiple applications violate the policy, all applications are listed.
Allow the user to delay enforcement for an additional XX minutes: Select this option if you want to allow the user to delay the enforcement beyond the time specified by the Enforce after XX minutes option. The additional time is applied only if the user clicks the Delay All button in the Policy Violations dialog box.
For example, assume that you set the Enforce after XX minutes option to 5 minutes and this option to 10 minutes. At any time before the first 5 minutes expires, the user can click the Delay All button to delay the enforcement for an additional 10 minutes.
Display message when enforcing behavior: You can also display a message when enforcing the application control behavior. For example, if you select the Enforce immediately option, you can display a message informing the user why the application was terminated.
To use a display message, select the Display message when enforcing behavior option, then fill in the following fields:
Title of Message Window: Specify the Message Window’s title. For example, “Application Shutdown Alert.”
Body: Provide the text for the message body.
Message Hyperlink: If you want to include a hyperlink in the message, select Include message hyperlink, then fill in the following:
Display Text: The text to display as the hyperlink in the message.
Link: The command or Web URL to be executed when the display text is clicked. Any link that starts with http, https, or www is treated as a Web URL and launches a Web browser. Any other link is treated as an executable command. For example, you might include www.acme.com/appusage to a open a Web page that provides your corporate policy on authorized application usage.
Parameters: Applies only to executable commands, not to Web URLs. Specify any parameters that you want appended to the executable command. A space is automatically added between the executable command and the first parameter.