Application control policy
Sophos Enterprise Console enables you to detect and block "controlled applications", that is, legitimate applications that are not a security threat, but that you decide are unsuitable for use in your office environment. Such applications may include instant messaging (IM) clients, Voice over Internet Protocol (VoIP) clients, digital imaging software, media players, or browser plug-ins.
Applications can be blocked or authorized for different groups of computers with complete flexibility. For example, VoIP can be switched off for office-based desktop computers, yet authorized for remote computers.
The list of controlled applications is supplied by Sophos and updated regularly. You cannot add new applications to the list, but you can submit a request to Sophos to include a new legitimate application you would like to control on your network.
For details, see knowledgebase article 63656.
This section describes how to select the applications you want to control on your network and set up scanning for controlled applications.
If you use role-based administration:
- You must have the Policy setting - application control right to configure an application control policy.
- You cannot edit a policy if it is applied outside your active sub-estate.
For more information about role-based administration, see Managing roles and sub-estates.
Application control events
When an application control event occurs, for example, a controlled application has been detected on the network, the event is written in the application control event log that can be viewed from Sophos Enterprise Console. For details, see View application control events.
The number of computers with events over a specified threshold within the last seven days is displayed on the Dashboard.
You can also set up alerts to be sent to your chosen recipients when an application control event has occurred. For details, see Set up application control alerts and messages.