Scan for applications you want to control

If you use role-based administration:

  • You must have the Policy setting - application control right to configure an application control policy.
  • You cannot edit a policy if it is applied outside your active sub-estate.

For more information, see Managing roles and sub-estates.

You can configure Sophos Endpoint Security and Control to scan for applications you want to control on your network on access.

  1. Check which application control policy is used by the group(s) of computers you want to configure.
  2. In the Policies pane, double-click Application control. Then double-click the policy you want to change.
    The Application control policy dialog box is displayed.
  3. On the Scanning tab, set the options as follows:
    • To enable on-access scanning, select the Enable on-access scanning check box. If you want to detect applications but do not want to block them on access, select the Detect but allow to run check box.
    • To enable on-demand and scheduled scanning, select the Enable on-demand and scheduled scanning check box.
    Warning Your anti-virus and HIPS policy settings determine which files are scanned (that is, the extensions and exclusions).

If you want to remove controlled applications found on your networked computers, follow the instructions in Uninstall controlled applications you do not want.

You can also have alerts sent to particular users if a controlled application is found on any of the computers in the group. For instructions, see Set up application control alerts and messages.