Is there a method for defining permissions without going through the individual learning process for CPF?
My users seem to ALWAYS lock some essential function when they encounter an unfamiliar message. That leads to them disabling or uninstalling CPF so they can continue working.
Once their application sets are defined, they could be replicated to multiple desktops. Anything outside expected behavior would be denied and the “Learning™” would be disabled. If they need a function, they could contact a local admin for an update and that update could be replicated remotely to keep all desktops in sync.
We are going to provide some options in the future releases to make your task easier. But in the mean time, “Automatically approve safe applications” and “Scan for known applications” options are the 2 options which may make your task easier.
On those computers, disabling “Monitor COM/OLE requests” and “Monitor Windows Messages” options would also help. Because those 2 options are the ones that can produce false alerts more compared to others. Also I dont think disabling those 2 options would bring any remarkable risk.