Application Control Policy
Application control lets you detect and block applications that are not a security threat, but that you decide are unsuitable for use in the office.
Go to Endpoint Protection > Policies to control applications.
To set up a policy, do as follows:
- Create an Application Control policy. See Create or Edit a Policy.
- Open the policy's Settings tab and configure the policy as described below. Make sure the policy is turned on.
We recommend that you detect the applications being used on your network and then decide which to block, as follows.
- In the Controlled Applications list, click Add/Edit List. This opens a dialog where you can see the categories of applications that you can control. Sophos supplies and updates the list.
- Click an application category, for example Browser plug-in. A full list of the applications in that category is displayed in the right-hand table.
- We recommend that you select the option Select all applications. You'll refine your selection later.
Click Save to List and repeat for each category you want to control.
If you want to control an application that isn't in the list supplied by Sophos, you can ask to have it added. Click the Application Control Request link at the bottom of the Settings tab.
In Detection Options:
- Select Detect controlled applications during scheduled and on-demand scans.
- Do not select any other options for now.
Application control uses the scheduled scans and the scanning options (which file types are scanned) that you set in Threat Protection settings.
Allow time for all your computers to run a scheduled scan.
- Go to the Logs & Reports > Events page.
- In the list of event types, clear all the checkboxes except Application Control. Detected applications are now shown in the list of events. Make a note of any you want to continue using.
- Return to your policy page.
In the Controlled Applications list, click Add/Edit List again. Then:
- Find the applications you want to use and clear the checkbox next to them.
Select New applications added to this category by Sophos (optional). Any new applications that Sophos adds to this category later will automatically be added to your controlled list. Newer versions of applications already in your list will also be added.
Only select this if you're sure you want to control applications in this category from now on.
Click Save to List.
In Detection Options:
- Turn on Detect controlled applications when users access them.
Turn on Block the detected application.
If you chose to control any new applications added by Sophos, those new applications will now be blocked.
The options you turn on in Detection Options apply to all the selected applications in your list.
If you turn on Allow the detected application this applies to all of your selected applications. If you want to allow an application or an application category while blocking or detecting others, edit your list and clear the checkbox next to it.
In Desktop Messaging you can add a message to the standard notification. If you leave the message box empty only the standard message is shown.
Desktop messaging is on by default.
If you switch off desktop messaging you will not see any notification messages related to Application Control.
- Click in the message box and enter the text you want to add.