Skip to main content

Application denylist

Applications that are not approved for installation and usage in the IT environment can be specified in the Application denylist. Unwanted software, for example, game and poker applications, can be monitored with the denylist functionality.

You can let the unwanted applications be identified automatically by rules based on criteria, such as application name or type, application lifecycle information, or custom fields related to applications. You can also manually add applications to the denylist, see Denylist application.

The Application denylist view consists of the two tabs Rules and Applications (result).

TabDescription
RulesThe rules that are used to create the denylist of non-approved applications in your IT environment.
Applications (result)The list of applications that are affected by your denylist rules, whether the applications are installed or not. The columns Installations and Users show the number of installations and users in your IT environment according to the selected organization nodes for each rule.
Note that the same application can be listed multiple times if it is caught by multiple rules.

To see a list of all applications on the denylist, do one of the following:

  • Use the report All applications and add the report criteria Denylisted.

  • Use the reports Denylisted applications per computer or Denylisted applications per user.

  • In the Search for applications view, add the column Denylisted (Yes/No) from the Column selector.

Installation or usage of a denylisted application will result in an alert. Denylisted applications also appear with a red background in the Computer details and User details views.

If an application is caught by both an allowlist rule and a denylist rule, the denylist rule will override the allowlist rule. The application will appear on the Applications (result) tab of both lists, but it will only appear as a denylisted application in the user interface and in the reports of Snow License Manager.

Add denylist rules

  1. On the Home menu, under Administration, select Application denylist.

  2. On the Rules tab, select Add rule.

  3. In the Rule details step, do the following:

    1. In Rule name, enter a name for the rule.

    2. Optionally, in Comment, enter a description of the rule and a comment on why the rule exists.

    3. Optionally, in Organization, select the organization node or nodes that the new rule should apply to. If no specific organization node is selected, the rule applies to the entire organization.

    4. Select Next step.

  4. In the Applications step, use filters to find the applications you want to add to the denylist. Do the following:

    1. Use the Add group or Add criteria to create the filter. Use % as a wildcard character to include several applications with common names or types.

      Example: Application name like %poker%

    2. To see what applications the filter returns, select Preview results.

    3. When the required filters are in place, select Save.

Edit denylist rules

  1. On the Home menu, under Administration, select Application denylist.

  2. On the Rules tab, select the rule you want to edit.

  3. Add or edit the applicable information in the Rule details and Applications steps.

  4. Select Save.

Delete denylist rules

  1. On the Home menu, under Administration, select Application denylist.

  2. On the Rules tab, find the rule you want to delete, and then select Delete.

  3. Select OK to confirm.