We have configured whilelist of 10-15 application and in our policy and applied on few test system. But when enabled mode is checked it allows all the applciation to run that are already preinstalled.
I ahve below query
1.can we block all preinstalled apps and allow only selected application to execute.
2.Also can we place enable mode directly after fine tuning of policy is done.
3. Policy takes after system is solidified or without also it works.
In Application Control whitelist is a "dynamic whitelist". It means you don't create the whitelist but it is created automatically when you deploy Application Control to your systems. After that you can create a black list for not allowed applications. The workflow is as follows:
Regarding your third question, solidifying proccess starts automatically after enabling Application Control (not putting in Enabled mode, there is a subtle diference). When solidification proccess finishs Default policy for Application Control is applied (or a custom policy if you assigned it to the system). Then you can put yor system in "Observe Mode" or in "Enabled mode". I recommend you put it in "Observe mode" and approve or deny requests in "Policy discivery" page. After a period (days or even months), when there are almost no requests in "Policy discovery" page, you can put the system in "Enabled mode".
You can read best practices document for detailed information: