Specifications
13
SOPHOS ENDPOINT SECURITY AND DATA PROTECTION REVIEWER’S GUIDE
Application control policies
Applications like VoIP, IM and P2P are increasingly the cause of security, legal
and productivity issues in business – consequently IT departments are being
asked to control their unauthorized installation and usage. Sophos integrates the
detection of such controlled applications alongside malware and PUA detection,
enabling control without the requirement for the purchase, installation, or
management of a separate point product.
All controlled applications are authorized by default, but you can use Enterprise
Console to configure policies for groups of endpoint computers to reflect the
security requirements for specific locations or departments. For example, VoIP
can be switched off for office-based desktop computers, yet authorized for
remote computers. To block an application you can simply move the targeted
application to the blocked column.
The list of controlled applications is supplied by Sophos and updated regularly.
You cannot add new applications to the list, but you can submit a request to
Sophos to include a new legitimate application you would like to control on your
network.
For a full list of the applications that you can control, please see:
http://www.sophos.com/security/analyses/controlled-applications/
Figure 7: Application control – easy control of unauthorized software
Controllable applications
include:
•VoIP
•InstantMessaging
•Peer-to-peersoftware
•Distributedcomputing
projects
•Searchenginetoolbars
•Mediaplayers
•Internetbrowsers
•Games(Windowsand
multi-player games)
•Virtualizationapplications
•Remotemanagementtools
•Mappingapplications
•Emailclients
•Online storage
•Encryption tools