ManageEngine Application Control Plus

Additional features

Application Allowlisting

Automatically creates and manages lists of allowed applications based on specified rules.

Application Blocklisting

Prevents specified applications and malicious executables from running.

Endpoint Privilege Management (EPM)

Assigns need-based, application-specific privileged access to prevent privilege elevation attacks.

Remove Unwanted Admin Rights

Discovers and centrally removes excessively distributed local administrator rights.

Just-in-Time Access

Enables temporary application access and elevated privileges that are automatically revoked after a set period.

Child Process Control

Creates global policies to control the execution of child processes generated by applications.

User Access Request

Allows users to request access to essential applications that are currently restricted.

Granular Control over Application Access

Provides fine-tuned control over which applications are allowed or blocked.

Minimize Unauthorized Access

Reduces the risk of unauthorized access by managing and removing unnecessary admin rights.

Adherence to Policies

Helps ensure compliance with organizational policies and regulations through privilege management.

Comprehensive Auditing

Offers detailed reports for auditing and compliance purposes, logging every app launch attempt.

Boost Efficiency

Provides users with necessary tools and access to perform jobs effectively, reducing delays.

Reduce Downtime

Ensures necessary applications and privileges are available on demand, minimizing interruptions.

Increased Flexibility

Offers just-in-time access and audit mode for adaptable policy enforcement.

Audit Mode Functionality

Monitors application activity without enforcing restrictions immediately, for policy validation.

Zero Trust Enforcement

Supports the establishment of a Zero Trust security model.

Principle of Least Privilege (PoLP) Enforcement

Ensures users only have the minimum necessary access to perform their tasks.

Automated Application Placement

Automates allowlisting and blocklisting based on specified control rules.

Customizable Control Rules

Allows specifying prerequisites for application control rules.

Application Grouping

Enables grouping applications by type or business function for consistent policy application.

Executable-Level Control

Operates at the executable level to control scripts, DLLs, installers, and other associated files.

Trusted Vendor Validation

Validates digital signatures and automatically permits applications from trusted software publishers.

Complete Audit Trails and Forensics

Logs who executed an application, when, and from where, supporting incident response and threat hunting.

Flexibility Regulator

Allows administrators to tailor the application control process around specific enterprise requirements, with modes like Strict and Audit.

WAN Architecture Support

Supports managing computers in distributed setups like branch or remote offices and for mobile users, using low bandwidth.

Centralized Web Console

Controls applications for users in local offices, remote offices, and on-the-go from a single console.

Active Directory Authentication

Integrates with Active Directory for user authentication.

Two-Factor Authentication (2FA)

Provides an additional layer of security for access.

Download/Schedule Reports

Allows users to download or schedule comprehensive reports.