
Use of System Lockdown for multiple computers


Hi Team

Please read the following case description carefully. I already reviewed the following documents before opening this discussion: HOWTO80848, HOWTO80849, TECH207935, HOWTO80859, HOWTO80850.

Customer Requirement: Apply System Lockdown to all computers in their environment.

Assumptions:

  • Customer:
    • Will:
      • Have different groups with different file fingerprint lists.
      • Run Log Only mode before enabling Whitelisting mode.
         
  • On a group with 30 computers that contains two or three different operating systems, like Windows 10 Enterprise, Windows 10 Professional, Windows 7 Enterprise:
     
    • Questions:
      • Please confirm whether the following process is valid or whether it could generate an issue during System Lockdown:

        Steps:
         

        1. Use the Collect File Fingerprint List command from a sample of each different OS (for example, collect 3 different file fingerprint lists).
        2. Verify the Command Status (at Monitors)
           
        3. Once the command sent to the 3 computers is 100% completed then:
        4. Create a new File Fingerprint List by using the Wizard.
           
        5. Choose the option “Create the file fingerprint by combining multiple existing file fingerprint
        6. Append the lists generated at step #1
           
        7. Run System Lockdown as Log Unapproved Applications
        8. A few days later, export the Application Control Log to identify new applications that need to be added.
          1. Identify the values from the column called: Target
          2. Identify the MD5 from the column called: Description.
          3. Create a file fingerprint list by using the MD5 hash separated by a space and the path shown in the Target column.
            1. By using Excel, reduce the number of duplicated values.
              1. For example, a line of this file will be similar to:
                1. 750446ed76a5d13e902174dddda1a62b C:\Windows\System32\taskeng.exe
                   
          4. Append the new file fingerprint to the one generated at step #6.
            1. Expectations:
              1. From the time this new list is applied, the systems of the group will not show false positives, or they will be at a minimum.
              2. Because the limit of the approved file list is 512 items, management could be better with the above approach.
                 
      • Any other advice or questions that you need in order to understand this use case?

Best Regards
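
The log-to-list conversion described in step 8 (take Target and the MD5 from Description, drop duplicates, write `MD5 path` lines) can be scripted instead of done in Excel. The following is an added example, not part of the original post and not Symantec tooling: it assumes the exported log is a CSV with columns named `Target` and `Description`, that the MD5 appears as a 32-character hex string inside `Description`, and it goes one step beyond the post by reporting paths logged with more than one hash. The sample rows are constructed, apart from the taskeng.exe line quoted in the post.

```python
import csv
import io
import re
from collections import defaultdict

# A standalone 32-hex-digit token; \b keeps it from matching inside a longer hash.
MD5_RE = re.compile(r"\b[0-9a-fA-F]{32}\b")

def build_fingerprint_lines(csv_text, target_col="Target", desc_col="Description"):
    """Return (lines, conflicts) from an exported log (column names are assumptions).

    lines     -- de-duplicated "md5 path" entries in first-seen order
    conflicts -- {lowercased path: sorted hashes} for paths seen with several hashes
    """
    seen, lines = set(), []
    hashes_by_path = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        path = (row.get(target_col) or "").strip()
        match = MD5_RE.search(row.get(desc_col) or "")
        if not path or not match:
            continue  # no file path or no hash: nothing to fingerprint
        md5 = match.group(0).lower()
        key = (md5, path.lower())  # Windows paths compare case-insensitively
        hashes_by_path[path.lower()].add(md5)
        if key not in seen:
            seen.add(key)
            lines.append(f"{md5} {path}")
    conflicts = {p: sorted(h) for p, h in hashes_by_path.items() if len(h) > 1}
    return lines, conflicts

# Constructed sample export (layout assumed, see lead-in).
SAMPLE_EXPORT = r"""Time,Computer,Target,Description
2018-01-10 09:00,PC-01,C:\Windows\System32\taskeng.exe,Unapproved application MD5: 750446ed76a5d13e902174dddda1a62b
2018-01-10 09:05,PC-02,C:\WINDOWS\system32\taskeng.exe,Unapproved application MD5: 750446ED76A5D13E902174DDDDA1A62B
2018-01-10 09:07,PC-02,C:\Tools\agent.exe,Unapproved application MD5: 0123456789abcdef0123456789abcdef
2018-01-12 14:30,PC-03,C:\Tools\agent.exe,Unapproved application MD5: fedcba9876543210fedcba9876543210
2018-01-12 14:31,PC-03,C:\Tools\helper.dll,Unapproved application (no hash recorded)
"""

if __name__ == "__main__":
    fp_lines, conflicts = build_fingerprint_lines(SAMPLE_EXPORT)
    print("\n".join(fp_lines))
    for path, hashes in conflicts.items():
        print(f"# review before approving: {path} seen with {len(hashes)} hashes")
```

A path that shows up with several hashes usually means different builds of the same file across the group; each hash should be checked against a known-good source before it is appended to the approved list.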
